Re: breakin help

To: debian-user@lists.debian.org
Subject: Re: breakin help
From: Kevin Mark <kmark+debian-user@pipeline.com>
Date: Mon, 13 Sep 2004 02:26:38 -0400
Message-id: <[🔎] 20040913062638.GE3656@debian.potter>
Mail-followup-to: debian-user@lists.debian.org
In-reply-to: <[🔎] ci1mfo$ui0$1@sea.gmane.org>
References: <[🔎] 20040912061947.GA16235@debian.potter> <[🔎] ci1mfo$ui0$1@sea.gmane.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Sun, Sep 12, 2004 at 10:29:39AM -0400, Adam Aube wrote:
> Kevin Mark wrote:
> 
<snip>
> 
> # Use SSH keys instead of passwords for authentication
> PubkeyAuthentication yes
> PasswordAuthentication no
> 
> 3) Report this attack to the owner of the IP block it came from (use whois
> to identify the owner). Include your SSH logs from the attack.
> 
> Adam
> 
Hi Adam and Stephan,
thanks for the excellant suggestions. I mod'ed the /etc/sshd as first
step. There are no top secret things on my system, so full reinstall is
not an urgency. I also checked 'top' for any unexpected processes and
there was none.of course if top,ps and the kernel were replaced, then
maybe I wouldn't know x-) I'd doing an dist-upgrade so 90% of the
packages are being upgrade which I think should fix any funny packages.
Cheers,
- -Kev
- -- 

        (__)
        (oo)
  /------\/
 / |    ||
*  /\---/\
   ~~   ~~
...."Have you mooed today?"...
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)

iD8DBQFBRT2dAWAAuqdWA9cRAg1iAJ46dS3dHaQUn+kYNsEfTkgZGX00VACeJDsm
oo/AcuNafGw0IQelvp+VAjo=
=X4em
-----END PGP SIGNATURE-----

Reply to:

Follow-Ups:
- Re: breakin help
  - From: Adam Aube <aaube01@baker.edu>

References:
- breakin help
  - From: Kevin Mark <kmark+debian-user@pipeline.com>
- Re: breakin help
  - From: Adam Aube <aaube01@baker.edu>

Prev by Date: Re: change hostname
Next by Date: Re: change hostname
Previous by thread: Re: breakin help
Next by thread: Re: breakin help
Index(es):
- Date
- Thread