Jim Stapleton wrote:
I have DSA. I will change it to a nonstandard port, but I was wondering what your oppinion on a good way to check if this is the result of me being hacked, or just someone loosing interest.
If you are hacked, then something might or might not be going on your system (check for unusual stuff, like rise in number of processes, or disk usage, or network traffic, and think about it). You know how your system behave on day to day, do you?
Nevertheless generally speaking, 99.99% of these brute attempts to get ssh access is coming from various zombies, blindly trying out port 22, that's why the port change is usual advice. There are easier ways on how to get inside than just bruteforcing via login credentials wild guessing. For example take unsecured web server with some full-of-bugs content management system. Exploiting a vulnerability will allow someone (this time definitely not a zombie) to get into the system and go forward with any dark actions he/she might have in the mind.
nice sunny weekend, Martin _______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"