[CentOS] Help: Server security compromised?

Bent Terp bent at terp.se
Wed Aug 6 07:06:05 UTC 2008

On Wed, Aug 6, 2008 at 8:29 AM, Noob Centos Admin
<centos.admin at gmail.com> wrote:
> Since I followed some of the rules about SSH and used a non-standard port
> for SSH and disable SSHD listening on the default port 22, I've no way back

IMNSHO that's not particularly effective - much better to set up SSH
keys and either set
'PermitRootLogin without-password' in /etc/ssh/sshd_config; or
set 'PermitRootLogin no', and then su or sudo from your regular user -
I know the latter IS more secure, but it's also more annoying to work

> So I'm now prepping for a long ride to the IDC if a reboot doesn't help my
> stupidity.

Remember to reinstall from scratch if your server has been compromised
- there are thousands of dark dusty corners for the bugs to hide, once
they're inside, so don't expect to be able to flush them out.

Good luck!

More information about the CentOS mailing list