[CentOS] Help: Server security compromised?

Wed Aug 6 07:06:05 UTC 2008
Bent Terp <bent at terp.se>

On Wed, Aug 6, 2008 at 8:29 AM, Noob Centos Admin
<centos.admin at gmail.com> wrote:
> Since I followed some of the rules about SSH and used a non-standard port
> for SSH and disable SSHD listening on the default port 22, I've no way back

IMNSHO that's not particularly effective - much better to set up SSH
keys and either set
'PermitRootLogin without-password' in /etc/ssh/sshd_config; or
set 'PermitRootLogin no', and then su or sudo from your regular user -
I know the latter IS more secure, but it's also more annoying to work
with....

> So I'm now prepping for a long ride to the IDC if a reboot doesn't help my
> stupidity.

Remember to reinstall from scratch if your server has been compromised
- there are thousands of dark dusty corners for the bugs to hide, once
they're inside, so don't expect to be able to flush them out.

Good luck!
/Bent