Hi. On Thursday 21 July 2005 20:31, Andras Got wrote: > The users, the ones the machines was hacked, were they existing users on > the machine?
I don't know which user account got hacked, if this was what has happened. > Do you use AllowUsers or AllowGroup? No. I hate to admit I didn't know that this is possible. Take back the newbie statement I made earlier. But if a legitimate user account got hacked, this wouldn't have helped, right? > Do you use DSA/RSA key only auth method? Now I do. And it will stay that way, customers have to step back. > 2.6.7 is vulnerable, 2.4.18 is also... use vanilla kernels with grsec! Now I know. Seems reading bugtraq and the Debian security announce isn't enough. Or I started to late. Or I read too fast. :( Karsten -- This email is ROT26 encrypted, by reading it you are in violation of the DMCA, and should turn yourself in to the authorities immediately. (Chris Berry) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]