[CentOS] I've been hacked -- what should I do next?

Fri Dec 1 14:11:21 UTC 2006
David Hrbác( <hrbac.conf at seznam.cz>

Steve Huff napsal(a):
> let me add another suggestion to the flood: once you've rebuilt the box,
> install DenyHosts (http://denyhosts.sourceforge.net/).  this tool is
> quite effective at blocking brute-force ssh attacks; not only will this
> make it much harder for an attacker even if you should happen to set a
> weak password on an account in the future, but it will also reduce the
> amount of CPU time and memory wasted on dealing with brute-force ssh
> attacks.

My suggestion is pam_abl.