[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Help needed - server hacked twice in three days (and I don't think I'm a newbie)


On Thursday 21 July 2005 22:39, Andras Got wrote:
> It's important to know whether it's an existing account, imho.

Yes. It is, because if it's not, it's not about cracking passwords, but 
something else. Ugh.

> >>Do you use AllowUsers or AllowGroup?
> >
> > No. I hate to admit I didn't know that this is possible. Take back the
> > newbie statement I made earlier. But if a legitimate user account got
> > hacked, this wouldn't have helped, right?
> Right, but if not... I suggest, You should also turn on privilege
> separation and strict mode in sshd, it they are not enabled.

Yes, true. I added AllowUsers already, the other settings were already active.

This email is ROT26 encrypted, by reading it you are in violation of the
DMCA, and should turn yourself in to the authorities immediately.
                                                           (Chris Berry)

Reply to: