Re: Help needed - server hacked twice in three days (and I don't think I'm a newbie)
Hi.
On Thursday 21 July 2005 22:39, Andras Got wrote:
> It's important to know whether it's an existing account, imho.
Yes. It is, because if it's not, it's not about cracking passwords, but
something else. Ugh.
> >>Do you use AllowUsers or AllowGroup?
> >
> > No. I hate to admit I didn't know that this is possible. Take back the
> > newbie statement I made earlier. But if a legitimate user account got
> > hacked, this wouldn't have helped, right?
>
> Right, but if not... I suggest, You should also turn on privilege
> separation and strict mode in sshd, it they are not enabled.
Yes, true. I added AllowUsers already, the other settings were already active.
Karsten
--
This email is ROT26 encrypted, by reading it you are in violation of the
DMCA, and should turn yourself in to the authorities immediately.
(Chris Berry)
Reply to: