Low level format

plug-discuss@lists.plug.phoenix.az.us
Fri, 25 Apr 2003 17:33:27 -0400 (EDT)


I believe that you should be able to do:

dd if=/dev/zero of=/dev/hda
dd if=/dev/urandom of=/dev/hda

Do that about 3 times.  I imagine that it would be pretty difficult for
anything to be on the drive.

But, I think that your problem might actually reside in the BIOS...  unless
you have a flash burner, that might be a hard one.

		--Ted

On Fri, 25 Apr 2003, Kyle Faber wrote:

>
> 	I have a client who has a nasty hacker problem.  I have reason to believe
> that there is some sort of "sleeper" application inside some kind of hidden
> partition.  I came to this conclusion after seeing evidence of the hack
> return on a repartitioned, formatted, disconnected machine.  The hacked users
> returned, the machine begins to attempt to phone home.  There is no evidence
> of any hidden partitions using Linux fdisk.
>
> Any suggestions?  I have heard some form of the dd command can be used to
> overwrite ALL information on this disk.  Anyone have any tips for that?  Or
> any tips in general, I am tearing my hair out on this one.
>
> Thanks a bunch!
> --
> Kyle Faber
> Account Manager
> EMR Internet
> kyle@emr.net
> 623-581-0842 voice
> 623-582-9499 fax
>
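
One way to confirm that a zero pass like the `dd if=/dev/zero` command in the reply above covered the whole target, as an added example that is not part of the original thread. The function names are assumptions made here, and the demo runs against a constructed image file rather than /dev/hda.

```sh
#!/bin/sh
# Added example: zero-fill a target and check that no non-zero byte survived.
# Note: dd can only reach the sectors the kernel exposes for the device.

# Size in bytes of a block device or a regular (image) file.
target_size() {
    if [ -b "$1" ]; then
        blockdev --getsize64 "$1"
    else
        echo $(( $(wc -c < "$1") ))
    fi
}

# Overwrite the whole target with zeros without changing its length.
zero_fill() {
    size=$(target_size "$1") || return 1
    # head bounds the write to the target's size, so dd ends cleanly
    # instead of failing with "No space left on device".
    head -c "$size" /dev/zero | dd of="$1" bs=65536 conv=notrunc 2>/dev/null
}

# Count the bytes that are not 0x00; 0 means the zero pass covered everything.
nonzero_bytes() {
    echo $(( $(tr -d '\000' < "$1" | wc -c) ))
}

# Demo on a constructed image file, so no real disk is touched.
img=$(mktemp)
{ printf 'constructed leftover data'; head -c 100000 /dev/zero; } > "$img"
before=$(nonzero_bytes "$img")
zero_fill "$img"
after=$(nonzero_bytes "$img")
echo "size=$(target_size "$img") non-zero bytes: before=$before after=$after"
rm -f "$img"
```

Run the check after the zero pass, since a later /dev/urandom pass leaves the disk full of non-zero data by design.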