Given this evidence, should I be worried that I may have been
hacked
Gabor Kovesdan
gabor at FreeBSD.org
Sat Apr 14 12:19:17 UTC 2007
Jim Stapleton schrieb:
> I have DSA. I will change it to a nonstandard port, but I was
> wondering what your oppinion on a good way to check if this is the
> result of me being hacked, or just someone loosing interest.
>
Well, I think the latter. If you have an up-to-date system with
up-to-date packages, you should not be too much worried, I think
brute-force is useless if one uses strong passwords. I'd check auth-log
and the output of last(1) if that says something, but you can never be
sure. So I'd say just be happy, that they stopped trying, but don't give
up the regular maintainence so that your system be as secure as it can
be. :)
Oh, and you can try port-knocking as well to secure the sshd port. If
you don't know what it is, just google for it.
Gabor
More information about the freebsd-questions
mailing list