On Tue, Jun 18, 2002 at 11:42:23PM -0400, crazytrain.com wrote: > One way 'around this' was to issue 'shutdown -n'. The '-n' option caused a > dirty shutdown whereby init wouldn't be called and scripts not run, so > processes were halted and not stopped cleanly. Good thing was you could > avoid a 'trojan script'. Bad thing was bringing the system back up may be > extremely difficult, data loss, etc. (a) you are making the assumption the "hacker" hasn't just replaced shutdown entirely. (b) by just dumping the machine, you are not flushing the buffer cache back onto the hard drive. Whether this is Good or Bad depends on what your goal is. By doing this once when a friend accidently deleted a file (we hoped to power off the machine before the changes were flushed to disk) we managed to kill the filesystem beyond repair. (Well, ok, beyond the time limitations of college students. A professional data recovery firm probably could have saved most of the data.) -- http://sardonix.org/
This archive was generated by hypermail 2b30 : Wed Jun 19 2002 - 12:46:57 PDT