[Spce-user] iptables issue
George Mason
george.mason at xoomtalk.com
Wed Apr 20 13:22:42 EDT 2016
Hi Jonathan
I would strongly advise against *ever* using password based SSH
authentication - even if using fail2ban I would not expose a server to
the Internet without public key authentication enabled (and password
authentication disabled).
More info available here: https://macnugget.org/projects/publickeys/
*George Mason**
Technical Director*
<http://www.xoomtalk.com> *Tel:
Mob:
Fax:
Web:* +44 (0)1273 900090
+44 (0)7966 403353
+44 (0)1273 900091
www.xoomtalk.com <http://www.xoomtalk.com/>
On 20/04/2016 18:00, Jonathan Yue wrote:
> It's the ssh access that was hacked. I suddenly noticed an established
> ssh connection from Asia. since I disabled root login in ssh right
> after install, the hacker must somehow have got my login password. in
> a haste, I reverted the VM to a previous snapshot, so I can't analyze
> how hacking happened now.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sipwise.com/pipermail/spce-user_lists.sipwise.com/attachments/20160420/ffdabbfe/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: xoomtalk-email-logo.jpg
Type: image/jpeg
Size: 24096 bytes
Desc: not available
URL: <http://lists.sipwise.com/pipermail/spce-user_lists.sipwise.com/attachments/20160420/ffdabbfe/attachment-0001.jpg>
More information about the Spce-user
mailing list