[Spce-user] iptables issue

George Mason george.mason at xoomtalk.com
Wed Apr 20 13:22:42 EDT 2016

Hi Jonathan

I would strongly advise against *ever* using password based SSH 
authentication - even if using fail2ban I would not expose a server to 
the Internet without public key authentication enabled (and password 
authentication disabled).

More info available here: https://macnugget.org/projects/publickeys/

*George Mason**
Technical Director*

<http://www.xoomtalk.com> 	*Tel:
Web:* 	+44 (0)1273 900090
+44 (0)7966 403353
+44 (0)1273 900091
www.xoomtalk.com <http://www.xoomtalk.com/>

On 20/04/2016 18:00, Jonathan Yue wrote:
> It's the ssh access that was hacked. I suddenly noticed an established 
> ssh connection from Asia. since I disabled root login in ssh right 
> after install, the hacker must somehow have got my login password. in 
> a haste, I reverted the VM to a previous snapshot, so I can't analyze 
> how hacking happened now.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sipwise.com/pipermail/spce-user_lists.sipwise.com/attachments/20160420/ffdabbfe/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: xoomtalk-email-logo.jpg
Type: image/jpeg
Size: 24096 bytes
Desc: not available
URL: <http://lists.sipwise.com/pipermail/spce-user_lists.sipwise.com/attachments/20160420/ffdabbfe/attachment-0001.jpg>

More information about the Spce-user mailing list