Securing a Compromised Unix Machine FAQ

Frequently Asked Questions about some suggestions for securing your Unix machine after it has already been compromised.

This FAQ about some suggestions for securing your Unix machine after it has already been compromised was compiled and written by Christopher Klaus cklaus@iss.net with numerous contributions by others.

Acknowledgements

Thanks to the following people for adding and shaping this FAQ:

Tomasz Surmacz tsurmacz@asic.ict.pwr.wroc.pl
Wes Morgan (morgan@engr.uky.edu)
Alan Hannan (alan@noc1.mid.net)
Peter Van Epp vanepp@sfu.ca
Richard Jones electron@suburbia.apana.org.au
Wieste Venema wietse@wzv.win.tue.nl
Adrian Rodriguez adrian@caip.rutgers.edu
Jill Bowyer jbowyer@selma.hq.af.mil
Andy Mell amell@cup.cam.ac.uk

Copyright

This paper is Copyright (c) 1994, 1995, 1996
by Christopher Klaus of Internet Security Systems, Inc.

Permission is hereby granted to give away free copies electronically. You may distribute, transfer, or spread this paper electronically. You may not pretend that you wrote it. This copyright notice must be maintained in any copy made. If you wish to reprint the whole or any part of this paper in any other medium excluding electronic medium, please ask the author for permission.