What steps should be taken once the system is compromised like this? Obviously, close the port to the outside internet, change the LMS password. What can be analyzed in the logs? Change User login passwords?
I don't think there's anything interesting being logged by default, as those accesses would be treated like any access you do.
As of today I don't know whether anything could have happened to you and your installation other than the nightly annoyance. Close the ports on the router. That should be all you need to do.
If you decide to want to have access to your LMS from the outside, set up a VPN.
-- Michael _______________________________________________ Squeezecenter mailing list [email protected] http://lists.slimdevices.com/mailman/listinfo/squeezecenter
