> The funny thing is that this box has no Virtual sites and no ftp but
> Telnet enabled on it. I can't see how they would have accessed the root
> shell. We continously change our paswwords on a rolling week basis and to
> be honest rarely telnet to the box anyway.
Have you portscanned the box to see what other services are running?
Telnet should NEVER be used. It isn't secure. Install and use SSH.
www.openssh.com
M
_______________________________________________
cobalt-security mailing list
[EMAIL PROTECTED]
http://list.cobalt.com/mailman/listinfo/cobalt-security
