If there happen to be multiple issues and i can't resolve them all immediatly, I can still just disable the vulnerable parts
-
-
Replying to @DPA168
...assuming you know all the vulnerable parts and that you can disable them without loss of functionality. This is not the case.
1 reply 0 retweets 0 likes -
Replying to @berendjanwever
loosing some functionallity is still better than loosing all of it. Also, everything has some vulnerabillities.
1 reply 0 retweets 0 likes -
Replying to @DPA168
My point exactly: would you rather have your service offline to protect it while you fix it or offline until you pay up and fix it?
1 reply 0 retweets 0 likes -
Replying to @berendjanwever @DPA168
That is assuming you can find out how they got in - if you don't you can expect another visit soon.
1 reply 0 retweets 0 likes -
Replying to @berendjanwever
Ok, in that case, I would take it offline. And I would probably temporarly replace it with a honeypot if possible.
1 reply 0 retweets 0 likes -
Replying to @DPA168
But assuming you are not omnipotent (are you?), others may be aware of problems in your systems. Would you want this kind of help?
1 reply 0 retweets 0 likes -
Replying to @berendjanwever
Assuming someone shuts down my servers, I could be clueless what happend. I probably couldn't determinate the cause/problem.
1 reply 0 retweets 0 likes -
Replying to @DPA168
Unless they left messages on the system explaining what happened and how to fix it, as suggested.
1 reply 0 retweets 0 likes -
Replying to @berendjanwever
In that case, I would be thankful for the help and wouldn't mind them shutting down the server. But I couldn't trust them.
1 reply 0 retweets 0 likes
Trust is not relevant: the distinction between option 1 and 2 is purely in the intend of the attacker.
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.