--- Steve <[EMAIL PROTECTED]> wrote: > Just a note, for in the future what I have done is moved SSH > to an obscure port way off in the boonies. Never had an SSH > attack attempt since doing so. > But yeah everyone is correct, wipe that puppy and re-install > clean.
Moving SSH to a different port might help, but it's not terribly difficult to detect. Whether you do that or not, I'd recommend that you disable password authentication and require public key. I haven't had an attack attempt since I did that. And yes, your best bet after a successful attack is to wipe the box and re-install. PGP Key ID: 071B173D Fingerprint: ED30 B048 6833 56B4 28C0 CE52 F12B 884A 071B 173D /* PLUG: http://plug.org, #utah on irc.freenode.net Unsubscribe: http://plug.org/mailman/options/plug Don't fear the penguin. */
