Re: Help needed - server hacked twice in three days (and I don't think I'm a newbie)
On Thu, Jul 21, 2005 at 11:49:53PM +0200, Karsten Dambekalns wrote:
> Another question came up here. Is it really likely to be a SSH brute force
> break in, or could the attacker have been able to log in some other way? What
> is currently possible in that respect on a machien that runs ssh, apache,
> php, exim and nothing else (all as of Debian 3.1)?
There are lots of insecure web applications out there. One idea could be to look
for security advisories for web applications you use, or even audit them yourself.