Re: ssh2

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



roland wrote:
> This is an old version of redhat workstation, just before fedora was
> released.

No wonder it was broken into then. Actually, if it hasn't been updated since 
2003 it's something of a wonder if you haven't had any intrusions until now. 
Perhaps the intruders who have been using the box before have been more 
discreet so that you haven't noticed them.

> I just wonder why this person/hacker is still trying to login with root
> and other names. So he must have been unsuccessful the first time.

What makes you think it's the same person? There are bots on compromised 
computers constantly scanning the Internet and trying to access any SSH 
servers they find. It's been going on for years. Do you have proof that the 
login attempts you see are something else?

>  From what you are saying I can understand that I should reinstall the
> server, even if he is not successfully login in again?

Yes you should. Once the system is compromised you can't trust anything in it. 
Unless the intruder is a complete bungler there is now a backdoor installed 
that lets him control the system no matter how many passwords you change. 
Your computer will be used for attacking other computers, churning out spam, 
or any number of other shady activities.

Install the latest version of CentOS and set it up to receive updates 
automatically. Do not transfer any kind of executable code from the old 
system to the new one.

Björn Persson

Attachment: signature.asc
Description: This is a digitally signed message part.

-- 
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines

[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux