[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: secure installation

On Thu, 16 Aug 2007 18:21:59 -0500 (CDT)
"R. W. Rodolico" <rod@dailydata.net> wrote:

[snip]

> Firewalls are for a stupidity shield. I had a situation where I was
> cracked on one of my servers a few years ago. It was totally my fault; I
> had a user I had mistakingly set up as an authorized ssh user who
> shouldn't have been. Their account was cracked, then the cracker got root
> access and installed a daemon that was ready to attack another server.

Just curious; anyone can forget a user account, but how did the
attacker get root?

> R. W. "Rod" Rodolico

Celejar
--
mailmin.sourceforge.net - remote access via secure (OpenPGP) email
ssuds.sourceforge.net - A Simple Sudoku Solver and Generator
Reply to: