how to tell when you have a hacker?

Mike bmike101 at cox.net
Fri Feb 17 22:21:59 MST 2006


My password is more complex than a name. (it isn't even a word). But please do 
share with me how to check if ssh is open, what port it is on, and how to 
change it..... HEY look at that! sshd must be where to do that. Is all I have 
to do is change the number by the word 'Port'? (it has a 22 next to it now)

Then there is the line that says: 'permit root login yes' Should I change that 
one to no? If I do that what will happen to sudo and when I need to log roots 
account into a termnal?

On Friday 17 February 2006 11:48 pm, Craig White wrote:
> you've only been on the hsi for about a week and it's not likely your
> box was cracked already but if you are using something really simple for
> a password like mike or password and you have ssh open and on standard
> port 22, it's not going to take all that long for someone to hack their
> way in.
>
> Also, you probably want to make certain that root can't log in via
> password in sshd_config and all the rage now on Fedora/RHEL is denyhosts
> package which automatically adds entries for ip addresses with 5 (or
> configurable) consecutive failed login attempts in ... hosts.deny (duh)
> Also, I've found it more peaceful to change the ssh port to something
> above 1024.



More information about the PLUG-discuss mailing list