attack 2
Edward Dekkers
edward at tripled.iinet.net.au
Wed May 11 07:23:26 UTC 2005
Arthur Pemberton wrote:
> Thomas Cameron wrote:
>
>>> Hello everyone,
>>>
>>> Panic...
>>>
>>> I noticed accepted passwords for different users, such as root, myself
>>> and another one, coming from outside:::ffff:213.219.168.50
>>>
>>> How is that possible?
>>> Can I detect somehow what he/she did?
>>>
>>> In the mean time I changed passwords.
>>
>>
>>
>> You're 0wn3ed. That is no longer your machine. You need to blow it
>> away and reload the OS.
>>
>> This time, use strong passwords. And disable root loging via SSH.
>>
> Is it possible to get root logins dissabled in Fedora by default by now?
>
>> Thomas
>
>
>
Is ssh even enabled by default? It shouldn't be unless specifically set
up properly by the user.
Use authorization keys instead of passwords for ssh wherever possible.
Regards,
Ed.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: edward.vcf
Type: text/x-vcard
Size: 363 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20050511/6ddf89c2/attachment-0001.vcf>
More information about the fedora-list
mailing list