Re: Help needed - server hacked twice in three days (and I don't think I'm a newbie)

[Ulf Harnhammar <metaur@telia.com>]

On Thu, Jul 21, 2005 at 11:49:53PM +0200, Karsten Dambekalns wrote:
> Another question came up here. Is it really likely to be a SSH brute force 
> break in, or could the attacker have been able to log in some other way? What 
> is currently possible in that respect on a machien that runs ssh, apache,
                                                                    ^^^^^^
> php, exim and nothing else (all as of Debian 3.1)?
  ^^^

There are lots of insecure web applications out there. One idea could be to look
for security advisories for web applications you use, or even audit them yourself.

// Ulf