some unknown scripts
Matthew Carpenter
matt
Mon May 17 12:01:43 PDT 2004
james at jamesmcdonald.id.au wrote:
>>>If you are convinced the system is compromized, copy RAM to a networked
>>>
>>>
>>machine using dd | ssh and then power down the box (not shutdown, power
>>off hard) and create 3 copies of the HD using DD from a bootable distro
>>onto other drives, clean if possible, but zeroed either way.
>>
>>
>
>How would you copy RAM to a networked machine exactly. I'm curious.
>
>James
>
>
>_______________________________________________
>Linux-users mailing list
>Linux-users at smtp.linux-sxs.org
>Unsubscribe/Suspend/Etc -> http://smtp.linux-sxs.org/mailman/listinfo/linux-users
>
>
>
>
I believe the following would do the trick:
tar zcf - /proc/kcore | ssh root at some.other.box tar zxf -
personally I'd probably use netcat but that's not as intuitive and
simple to type in this note.
More information about the Linux-users
mailing list