roland wrote: > This is an old version of redhat workstation, just before fedora was > released. No wonder it was broken into then. Actually, if it hasn't been updated since 2003 it's something of a wonder if you haven't had any intrusions until now. Perhaps the intruders who have been using the box before have been more discreet so that you haven't noticed them. > I just wonder why this person/hacker is still trying to login with root > and other names. So he must have been unsuccessful the first time. What makes you think it's the same person? There are bots on compromised computers constantly scanning the Internet and trying to access any SSH servers they find. It's been going on for years. Do you have proof that the login attempts you see are something else? > From what you are saying I can understand that I should reinstall the > server, even if he is not successfully login in again? Yes you should. Once the system is compromised you can't trust anything in it. Unless the intruder is a complete bungler there is now a backdoor installed that lets him control the system no matter how many passwords you change. Your computer will be used for attacking other computers, churning out spam, or any number of other shady activities. Install the latest version of CentOS and set it up to receive updates automatically. Do not transfer any kind of executable code from the old system to the new one. Björn Persson
Attachment:
signature.asc
Description: This is a digitally signed message part.
-- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines