[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: Server compromissed

From: Alan Horn <ahorn deorth org>
To: For users of Fedora Core releases <fedora-list redhat com>
Cc:
Subject: Re: Server compromissed
Date: Fri, 18 Feb 2005 16:25:34 -0800 (PST)

On Fri, 18 Feb 2005 paul topguncomputers com wrote:

In replace of FTP what would you suggest. That is the only clear text
password service I allow. So what else can I use in replace of that.

And shell access is denied for all accounts. except for 2.

I get the feeling this came in on awstats all though I'm not 100% positive
and I'm wanting to find out how it got in first before I just delete and
restart over again.

The only time I've had a linux box compromised, it came in via a poorly configured ftp. What ftp server are you using ? I had a wu-ftp (IIRC) online for about 20 minutes and a rootkit was installed in that time.

Cheers,

Al

Follow-Ups:
- Re: Server compromissed
  - From: paul

References:
- Server compromissed
  - From: paul
- Re: Server compromissed
  - From: Leonard Isham
- Re: Server compromissed
  - From: paul

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]