Date: Sat, 14 Apr 2007 14:18:56 +0200 From: Gabor Kovesdan <gabor@FreeBSD.org> To: Jim Stapleton <stapleton.41@gmail.com> Cc: freebsd-questions@freebsd.org Subject: Re: Given this evidence, should I be worried that I may have been hacked Message-ID: <4620C6B0.6090002@FreeBSD.org> In-Reply-To: <80f4f2b20704140509w6546e0dcqd54e302fbecb5ed7@mail.gmail.com> References: <80f4f2b20704140425w2631ee3co5547b772f6c972e8@mail.gmail.com> <4620BC95.3070107@FreeBSD.org> <80f4f2b20704140509w6546e0dcqd54e302fbecb5ed7@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Jim Stapleton schrieb: > I have DSA. I will change it to a nonstandard port, but I was > wondering what your oppinion on a good way to check if this is the > result of me being hacked, or just someone loosing interest. > Well, I think the latter. If you have an up-to-date system with up-to-date packages, you should not be too much worried, I think brute-force is useless if one uses strong passwords. I'd check auth-log and the output of last(1) if that says something, but you can never be sure. So I'd say just be happy, that they stopped trying, but don't give up the regular maintainence so that your system be as secure as it can be. :) Oh, and you can try port-knocking as well to secure the sshd port. If you don't know what it is, just google for it. Gabor
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4620C6B0.6090002>