Boston Linux & Unix (BLU) Home | Calendar | Mail Lists | List Archives | Desktop SIG | Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings
Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU

BLU Discuss list archive


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

possible hacking?



Kent Borg wrote:
> At a former job we had an unmaintained Linux machine with ssh on a
> high port, and it got cracked.
> 
> On my basement server I have ssh on the regular port, but I use strong
> passwords.

We had an issue where we were compromised because of a keylogger on a
customer's server (we ssh'd into one of our servers from the client
machine as root, and the password was logged). This is why you should
always turn of any access from outside the firewall by anyone but root,
and never even su to root. sudo should always be just enough to get done
what you need to get done. We had a strong password, but that is no help
if someone can record what you're typing. We have not had an incident
since we turned off root access from outside.
I learned my lesson.
Grant M.
-- 
Grant Mongardi
Systems Engineer
NAPC

gmongardi at napc.com
http://www.napc.com/
781.894.3114 phone
781.894.3997 fax


NAPC | technology matters




BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!



Boston Linux & Unix / webmaster@blu.org