[CentOS] I've been hacked -- what should I do next?

Fri Dec 1 12:51:05 UTC 2006
Johnny Hughes <mailing-lists at hughesjr.com>

On Fri, 2006-12-01 at 07:31 -0500, Alfred von Campe wrote:
<snip>
> > I would also highly recommend that you do not use port 22 for ssh from
> > the outside ... pick a non standard port (like 3333 or 22222, etc.)  
> > and
> > add this option as well to sshd_config
> >
> > port 22
> > port 3333
> >
> > You can then port forward port 3333 from linksys to 3333 on your  
> > centos
> > machine ... you can ssh in via that port from outside and still use  
> > port
> > 22 from inside your firewall (via other machines inside your  
> > firewall).
> > (you will also need to open up port 3333 tcp on iptables if you have
> > iptables on).
> 
> What about simply forwarding a non standard port from my Linksys  
> router to port 22 on my CentOS system?  This way I wouldn't have to  
> reconfigure anything except for the router itself.

If you linksys will do that, yes it is perfect ... mine has very limited
port forwarding capability ... it only forwards a port (say 22) to the
same port on one machine.

No way to set more than 1 external IP or port forward 3333 -> 22 ...
3333 -> 3333 only  and  22 -> 22 only.  That is how mine works :(
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://lists.centos.org/pipermail/centos/attachments/20061201/89512732/attachment-0005.sig>