The data of important files to be saved can be scanned for viruses.
It's the operating system files that have to be wiped clean.
Unless it's a problem of a server with many computers, then it's like athletes foot. Perhaps if there's many computers, take them all offline, then put up one new installed operating system at a time, modularly. Someone else will have to give you advice on that. You may need to check that infected harddisk mounted as read-only to get an idea of where it came from, to prevent it better.
Also, if you know which port it came in through, use the firewall pf, ipfw and/or ipf to block network activity on that port if it's not needed for the future.
IPFW can be turned on by setting this in rc.conf:
Then you can have an additional firewall of PF or IPF, to lock down more on it.
It's the operating system files that have to be wiped clean.
Unless it's a problem of a server with many computers, then it's like athletes foot. Perhaps if there's many computers, take them all offline, then put up one new installed operating system at a time, modularly. Someone else will have to give you advice on that. You may need to check that infected harddisk mounted as read-only to get an idea of where it came from, to prevent it better.
Also, if you know which port it came in through, use the firewall pf, ipfw and/or ipf to block network activity on that port if it's not needed for the future.
IPFW can be turned on by setting this in rc.conf:
Code:
firewall_enable="YES"
firewall_type="workstation"
# "server", "client" or other settings can also be used here.
# Only if these custom firewalls allow the traffic that you need
Then you can have an additional firewall of PF or IPF, to lock down more on it.