On Fri, 18 Feb 2005 paul@xxxxxxxxxxxxxxxxxxx wrote:
In replace of FTP what would you suggest. That is the only clear text password service I allow. So what else can I use in replace of that.
And shell access is denied for all accounts. except for 2.
I get the feeling this came in on awstats all though I'm not 100% positive and I'm wanting to find out how it got in first before I just delete and restart over again.
The only time I've had a linux box compromised, it came in via a poorly configured ftp. What ftp server are you using ? I had a wu-ftp (IIRC) online for about 20 minutes and a rootkit was installed in that time.
Cheers,
Al
