The hack came in through ssh.
IMO, your best defence is an extremely strong root password; I am often
mortified by looking at my logs and seeing all of the login attempts through
SSH.
OT: I am not up on Linux script-kiddie type tools, but I assume that there is a script of some sort that automates SSH probes. Can anyone suggest a good counter i.e. honeypot or throttling logon attempts. Yes, I know I can google it, but I'd rather hear the opinion of real Linux experts rather than the "experts" at About.com.
Most scripts use port 22 as it would be too big a task to scan for ssh on all ports, so I run my ssh server way above port 1024.
This has, touch wood, prevented any unusual activity in the last few months.
Chris. _______________________________________________ Asterisk-Users mailing list [email protected] http://lists.digium.com/mailman/listinfo/asterisk-users To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
