Yes, a can of worms... But general direction would be nice...

Gabriel Gunderson gabe at
Wed Jul 15 10:48:02 MDT 2009

On Wed, Jul 15, 2009 at 9:32 AM, Corey Edwards<tensai at> wrote:
>> Well, I guess if you had md5/sha1 sums (that you can trust) of every
>> file on your system and you're willing to go file-by-file and verify
>> them when mounted on a trusted system (*not* the one that was hacked),
>> then, maybe, you could sleep again at night knowing all is well.
> Even then, you have to be confident that the md5 sums you have are from
> *before* the hack. What if they broke in long before realized it and you
> have no reliable backups?

Right, if you read the above, you'll see that the suggestion is to use
md5/sha1 sums *that you can trust*.  This implies that you made them
after a clean install (or before you plugged it into the interwebs).

I only point this out because I got 2 responses that start with "Even
then," and then go on to cover items that I already mentioned ;)


More information about the PLUG mailing list