On 01/25/2011 02:34 PM, Wolfgang S. Rupprecht wrote: > That lowered ssh security allowed a second intrusion at user > level (probably by password guessing) No need. Once they had root they could add a user and use that for their user-level work.