Re: Gain root access on linux servers with physical access

Hello,

Don't low-level format the drives just yet. I suggest one lock up the drives
in a safe, if not, take a forensic image. That way one can perform an
investigation if needed.

For the cost of a drive these days I would put it into a safe for a year
(consult a lawyer in your jurisdiction) just in case it is needed.

Regards,

-- 
Jason Muskat  | GCFA, GCUX - de VE3TSJ
____________________________
TechDude
e. Jason@TechDude.Ca
m. 416 .414 .9934

http://TechDude.Ca/


> From: Michael Weber <mweber@alliednational.com>
> Date: Mon, 18 Dec 2006 07:15:57 -0600
> To: <pen-test@securityfocus.com>
> Subject: Re: Gain root access on linux servers with physical access
> Resent-From: <pen-test-return-1078483269@securityfocus.com>
> Resent-Date: Tue, 19 Dec 2006 21:08:40 -0700 (MST)
>
> Just my $0.02.
>
> Would YOU trust any code a blackmailer wrote?  Personally, I would call
> the police and let them deal with extortion charges, then I would
> low-level format every box that these people have touched, cut my losses
> and try it again.
>
> If they are blackmailing now, what's to say they also didn't install a
> trojan, back door or logic bomb to get more money later?
>
> -Michael
>
> > > > On 12/17/2006 at 6:17 PM, Patrick <flymooney@gmail.com> wrote:
>
> >    The dedicated hosting providers I have dealt with will pull a
> machine 
> > for you if that is what you need. You usually have to call ahead and
>
> > there is a small charge for it as well. I would think it would be a
> big 
> > hassle but they are happy to do it (the two times I have had to).
> They 
> > even had a test bench they let me use for moving drives around and
> > testing the configuration. But as with everything, YMMV.
> >
> > Patrick
> ------------------------------------------------------------------------
> > This List Sponsored by: Cenzic
> >
> > Need to secure your web apps?
> > Cenzic Hailstorm finds vulnerabilities fast.
> > Click the link to buy it, try it or download Hailstorm for FREE.
> http://www.cenzic.com/products_services/download_hailstorm.php?camp=70160000
>
> > 0008bOW
> ------------------------------------------------------------------------
>
>
> E-MAIL CONFIDENTIALITY NOTICE: This communication and any associated
> file(s) may contain privileged, confidential or proprietary
> information or be protected from disclosure under law ("Confidential
> Information").  Any use or disclosure of this Confidential Information,
> or taking any action in reliance thereon, by any individual/entity
> other than the intended recipient(s) is strictly prohibited.  This
> Confidential Information is intended solely for the use of the
> individual(s) addressed. If you are not an intended recipient, you
> have received this Confidential Information in error and have an
> obligation to promptly inform the sender and permanently destroy,
> in its entirety, this Confidential Information (and all copies
> thereof).  E-mail is handled in the strictest of confidence by
> Allied National, however, unless sent encrypted, it is not a secure
> communication method and may have been intercepted, edited or
> altered during transmission and therefore is not guaranteed.