Re: Box Cracked ( Was: thank's )

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Les Mikesell wrote:
bob.smith@xxxxxxxxxxx wrote:

Something strange in those script? Something that lead you to think you've a rootkit installed?


I do this to get to know the system, I have been cracked many times and quite honestly have enough of it. Either I get to know my system deep down, or I run the box online all days all nights without protection.

The software included in the distro is fairly secure if you keep it up to date with frequent 'yum update' runs. If you have been cracked 'many times' it is likely to be because you have weak passwords that someone is guessing through ssh, or you haven't kept the system up to date as new exploits are discovered and fixed, or you have added 3rd party or your own programs (like a lot of php web stuff...) that are insecure and haven't kept them up to date.


I use ssh keys and/or vpn for remote logins. They authenticate the box, not the user, but that's enough for me.

fwiw I recently enabled smtp authentication for mail relaying. I see people using that to enumerate account/password combinations.

I've previously seen ssh and ftp used for that purpose.



--

Cheers
John

-- spambait
1aaaaaaa@xxxxxxxxxxxxxxxx  Z1aaaaaaa@xxxxxxxxxxxxxxxx

Please do not reply off-list


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux