[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: need help with openssh attack

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hello,

Could you please paste /var/log/auth.log message of attack?
Are you sure about it's not any bruteforce attack or similar?
I think the problem is not in SSH server itself, it's in your server's
security. Are you using weak password, and allowing direct root access
to the server via SSH?
If problem persists in your other servers, try to use fail2ban or similar.

- -Ville

29.12.2011 16:04, Taz wrote:
> Hello, we've got various debian servers, about 15, with different 
> versions. All of them have been attacked today and granted root 
> access. Can anybody help? We can give ssh access to attacked
> machine, it seems to be serious ssh vulnerability.
> 
> How can i contact openssh mnt?
> 
> Thank you.
> 
> 

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.17 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEcBAEBAgAGBQJO/HokAAoJEFg15w+Y7E/mDL0IAItgyj5TSWgTILUE7l/cF7PS
BwG71ypgQf/uMlsNnkbylspnvBj9edZfKfer844NvrG6yJbLw25sNI4eOLlvO1xQ
nQJHwSNPhWVRHt3gwu5QlHSv0r0qbBdcXjQXDwqG6adp8qY3Qx7BIzvU0DThb08K
Kbk0/4WcUHb7GtphJUIENPnyaC6xksb413fyT2RW3/m3xm7bRWqXH5bSAvs4/NIP
1m9oqxPO+HNnTF1U1KV+fdubLGIYeMHrskKSubBQ7U/+mn7/uhANT6Ke4XFtWsu8
Mgwr11j2/trCTxBNJvAEyjdpK2/vn+LRgNF12THOeCVFNQcgVyY+iWwGddY6IyU=
=8DkS
-----END PGP SIGNATURE-----
Reply to: