Well, when you get hacked, there are usually backdoors installed, binarys replaced, sometimes the kernel is bugged. Also sometimes binarys wont allow you to replace them. Just by replacing binarys you still could have multiple holes left in the box. I dont recommend it.
Steven Ciaburri | Industry's Best Server Management- Rack911.com
Software Auditing - 400+ Vulnerabilities Found - Quote @ https://www.RACK911Labs.com Fully Managed Dedicated Servers (Las Vegas, New York City, & Amsterdam) (AS62710)
FreeBSD & Linux Server Management, Security Auditing, Server Optimization, PCI Compliance
Originally posted by dbbrock1 Let's say a couple binarys have been infected. Will it temporarly fix the problem if I simply move a good version of the binary from the other machine over to the compromised server?
If you could be sure that those binaries were the only things that the intruder touched, there would be no problem if you just replaced them (of course, if you already closed the hole that the hacker used to get in, first place).
Unfortunately, in 99% of the cases you can't know for sure what was touched, as logs and system files can be changed to mask that. So, if you have important data in the server, I'd recommend you a full restore.
Once youíre hacked, the system canít be trusted anymore. You canít rely on chkrootkit, MD5 hashes, binary sizes, etc. The best thing to do is reinstall from a backup, and even then you still might not be safe.