brute force ssh attack
Thomas Cameron
thomas.cameron at camerontech.com
Wed Apr 27 13:38:21 UTC 2005
----- Original Message -----
From: "Matthew Miller" <mattdm at mattdm.org>
To: "For users of Fedora Core releases" <fedora-list at redhat.com>
Sent: Wednesday, April 27, 2005 8:07 AM
Subject: Re: brute force ssh attack
> On Wed, Apr 27, 2005 at 03:02:41PM +0200, Daniel Kirsten wrote:
>> I use Fedora Core 3, and I installed all the updated rpm's.
>> I use a kernel 2.6.12-rc3-RT-V0.7.46-02 (Ingo Molnar's patch)
>
> Were there any interesting files in the users' home directories? (Look for
> hidden files too, of course -- maybe a hidden directory named ... or
> something.) Also check in /tmp and /var. And any luck with the
> .bash_history? (For both the users and for root....)
Especially /var/tmp - that's a common place for rootkits to live.
More information about the users
mailing list