Re: Box Cracked ( Was: thank's )

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Les Mikesell wrote:
bob.smith@xxxxxxxxxxx wrote:

Something strange in those script? Something that lead you to think you've a rootkit installed?


I do this to get to know the system, I have been cracked many times and quite honestly have enough of it. Either I get to know my system deep down, or I run the box online all days all nights without protection.

The software included in the distro is fairly secure if you keep it up to date with frequent 'yum update' runs. If you have been cracked 'many times' it is likely to be because you have weak passwords that someone is guessing through ssh, or you haven't kept the system up to date as new exploits are discovered and fixed, or you have added 3rd party or your own programs (like a lot of php web stuff...) that are insecure and haven't kept them up to date.


I use ssh keys and/or vpn for remote logins. They authenticate the box, not the user, but that's enough for me.

fwiw I recently enabled smtp authentication for mail relaying. I see people using that to enumerate account/password combinations.

I've previously seen ssh and ftp used for that purpose.



--

Cheers
John

-- spambait
1aaaaaaa@xxxxxxxxxxxxxxxx  Z1aaaaaaa@xxxxxxxxxxxxxxxx

Please do not reply off-list

--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora Magazine]     [Fedora News]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux