Server compromissed
Alan Horn
ahorn at deorth.org
Sat Feb 19 00:25:34 UTC 2005
On Fri, 18 Feb 2005 paul at topguncomputers.com wrote:
> In replace of FTP what would you suggest. That is the only clear text
> password service I allow. So what else can I use in replace of that.
>
> And shell access is denied for all accounts. except for 2.
>
> I get the feeling this came in on awstats all though I'm not 100% positive
> and I'm wanting to find out how it got in first before I just delete and
> restart over again.
The only time I've had a linux box compromised, it came in via a poorly
configured ftp. What ftp server are you using ? I had a wu-ftp (IIRC)
online for about 20 minutes and a rootkit was installed in that time.
Cheers,
Al
More information about the fedora-list
mailing list