[vox-tech] Password Security...
Ryan
vox-tech@lists.lugod.org
Sat, 1 May 2004 14:20:54 -0700
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Saturday 01 May 2004 09:34 am, William Perdue william-at-williamperdue.c=
om=20
|lugod| wrote:
> Hello, I'm William...
>
> I've been having some trouble with my security in my server.... I am
> running Red Hat Linux 9 with the Linux SSH Client software.
>
> Looking through my logs, I found that a hacker got hold of my Root
> password... it was _not_ the default (it was 17 characters) .... the serv=
er
> sits behind my router with a local IP address
>
> My Firewall is set at a high level and The Server config is far from the
> defaults...
>
> My Question: could they have obtained my root password?..
I got nailed last august after logging into my box from the shell server at=
=20
XXXXXXX, which had a rootkit on it that was intercepting passwords and what=
=20
not being fed to the ssh client.
Have you SSHd to your computer from any systems you don't fully trust?
Also, it is adviseable to disable root logins in SSH unless you need them.
- --=20
PGP/GPG Fingerprint: 3B30 C6BE B1C6 9526 7A90 34E7 11DF 44F3 7217 7BC7
On pgp.mit.edu, import with `gpg --keyserver pgp.mit.edu --recv-key 72177BC=
7`
Also available at http://www.XXXXXXX/~ryan/ryan_at_mother_dot_com.asc
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
iD8DBQFAlBS2Ed9E83IXe8cRAhUvAJ96zsXVIx84QK38GHz9RhXfkbyIjACgtgde
0/OsGYEUhDh3VkEZu6rzJm8=3D
=3Dvaox
-----END PGP SIGNATURE-----