• @nevemsenki@lemmy.world
    link
    fedilink
    English
    611 months ago

    Downsides include : if any intrusion happens on the server, red team just needs to reboot it to wipe evidence.

    • Perhyte
      link
      fedilink
      English
      4
      edit-2
      11 months ago

      If they have the root access typically needed to reboot a server1 they could also just wipe the logs without rebooting.

      1: GUIs typically have a way to reboot without such privileges, but those are typically not installed on machines just used as servers.