>>> cparker@xxxxxxxxxxxx 2005-08-21 00:39:48 >>>
> At this point I have not checked for a rootkit, though I plan to do
that
> before I wipe the box.
I think you should consider dumping partition data to some image ("dd
if=/dev/XYZ of=/abc/XYZ.image").
Benefits:
1) you could reinstall the machine without worrying about loss of
data/evidence/configuration.
2) you could examine disk contents many times later on some other
machine ("mount -t <fs_type> /path/to/XYZ.image /mnt/XYZ").
bartek
--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
