tsb95
/
GeronBook
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
GeronBook/Ch3/datasets/spam/easy_ham/01621.877e68b6e88c06b955046...

71 lines
3.2 KiB
Plaintext
Raw Blame History

From secprog-return-492-jm=jmason.org@securityfocus.com Fri Sep 6 11:36:01 2002
Return-Path: <secprog-return-492-yyyy=spamassassin.taint.org@securityfocus.com>
Delivered-To: yyyy@localhost.spamassassin.taint.org
Received: from localhost (jalapeno [127.0.0.1])
by jmason.org (Postfix) with ESMTP id E66B916F18
for <jm@localhost>; Fri, 6 Sep 2002 11:35:06 +0100 (IST)
Received: from jalapeno [127.0.0.1]
by localhost with IMAP (fetchmail-5.9.0)
for jm@localhost (single-drop); Fri, 06 Sep 2002 11:35:06 +0100 (IST)
Received: from webnote.net (mail.webnote.net [193.120.211.219]) by
dogma.slashnull.org (8.11.6/8.11.6) with ESMTP id g869rVC29298 for
<jm@jmason.org>; Fri, 6 Sep 2002 10:53:31 +0100
Received: from outgoing.securityfocus.com (outgoing3.securityfocus.com
[66.38.151.27]) by webnote.net (8.9.3/8.9.3) with ESMTP id XAA18901 for
<jm@jmason.org>; Thu, 5 Sep 2002 23:06:36 +0100
Received: from lists.securityfocus.com (lists.securityfocus.com
[66.38.151.19]) by outgoing.securityfocus.com (Postfix) with QMQP id
868A2A33C1; Thu, 5 Sep 2002 14:19:21 -0600 (MDT)
Mailing-List: contact secprog-help@securityfocus.com; run by ezmlm
Precedence: bulk
List-Id: <secprog.list-id.securityfocus.com>
List-Post: <mailto:secprog@securityfocus.com>
List-Help: <mailto:secprog-help@securityfocus.com>
List-Unsubscribe: <mailto:secprog-unsubscribe@securityfocus.com>
List-Subscribe: <mailto:secprog-subscribe@securityfocus.com>
Delivered-To: mailing list secprog@securityfocus.com
Delivered-To: moderator for secprog@securityfocus.com
Received: (qmail 24062 invoked from network); 5 Sep 2002 19:24:13 -0000
Message-Id: <3D77A587.405@wirex.com>
Date: Thu, 05 Sep 2002 11:42:15 -0700
From: Crispin Cowan <crispin@wirex.com>
Organization: WireX Communications, Inc.
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.1) Gecko/20020827
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: scottm@crystal.ncc.cc.nm.us
Cc: Ben Mord <bmord@icon-nicholson.com>,
"Webappsec Securityfocus.Com" <webappsec@securityfocus.com>,
SECPROG Securityfocus <SECPROG@securityfocus.com>
Subject: Re: FW: use of base image / delta image for automated recovery
from attacks
References: <NAEOJLMPJMJDFPLHIOJOOEGMDBAA.bmord@icon-nicholson.com>
<3D7793B5.8344A1B5@crystal.ncc.cc.nm.us>
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
Scott MacKenzie wrote:
>There is a software package that is used (or was up through w2k)
>on MicroSloth for this purpose. Ghost, or some such. One essentially
>"takes a picture" of the machine's proper config, and then upon
>schedule or demand replaces the machine's current config with the
>proper picture. It essentially over-writes the entire disk drive.
>Especially good for student access machines at libraries, etc.
>
And it is pretty common practice in some environments with public
workstations to just wipe and re-install Windows machines on a weekly
(or even daily) basis. It's easier than trying to maintain Windows.
Crispin
--
Crispin Cowan, Ph.D.
Chief Scientist, WireX http://wirex.com/~crispin/
Security Hardened Linux Distribution: http://immunix.org
Available for purchase: http://wirex.com/Products/Immunix/purchase.html
Reference in New Issue View Git Blame Copy Permalink