[CentOS] I've been hacked -- what should I do next?

Fri Dec 1 14:52:37 UTC 2006
centos at 911networks.com <centos at 911networks.com>

On Fri, 1 Dec 2006 08:51:02 -0500
Steve Huff <shuff at vecna.org> wrote:

> let me add another suggestion to the flood: once you've rebuilt
> the box, install DenyHosts (http://denyhosts.sourceforge.net/).
> this tool is quite effective at blocking brute-force ssh attacks;
> not only will this make it much harder for an attacker even if you
> should happen to set a weak password on an account in the future,
> but it will also reduce the amount of CPU time and memory wasted on
> dealing with brute-force ssh attacks.


Bastille is an interactive program that will guide you on how to
lock-down your boxes. They even have an OsX beta version.

It goes into even more area than was mentioned by the others. It asks
you questions with very extensive explanations and then will apply
the changes for you at the end.

The SQL knowledge base