What steps should be taken once the system is compromised like this?
Obviously, close the port to the outside internet, change the LMS
password.  What can be analyzed in the logs? Change User login
passwords?


I don't think there's anything interesting being logged by default, as those accesses would be treated like any access you do.

As of today I don't know whether anything could have happened to you and your installation other than the nightly annoyance. Close the ports on the router. That should be all you need to do.

If you decide to want to have access to your LMS from the outside, set up a VPN.

--

Michael
_______________________________________________
Squeezecenter mailing list
Squeezecenter@lists.slimdevices.com
http://lists.slimdevices.com/mailman/listinfo/squeezecenter

Reply via email to