On Wed, Aug 6, 2008 at 3:06 PM, Bent Terp <bent at terp.se> wrote: > On Wed, Aug 6, 2008 at 8:29 AM, Noob Centos Admin > <centos.admin at gmail.com> wrote: > > Since I followed some of the rules about SSH and used a non-standard port > > for SSH and disable SSHD listening on the default port 22, I've no way > back > > IMNSHO that's not particularly effective - much better to set up SSH > keys and either set > 'PermitRootLogin without-password' in /etc/ssh/sshd_config; or > set 'PermitRootLogin no', and then su or sudo from your regular user - > I know the latter IS more secure, but it's also more annoying to work > with.... I did that too, no root login and everytime I have to su from normal user. It is a pain to work with especially with having to use full pathnames for commands instead of say just doing a "service httpd restart". But I figured it was better safe than sorry and as well as I can do since I could not figure out how to properly create a self-sign SSL cert. Remember to reinstall from scratch if your server has been compromised > - there are thousands of dark dusty corners for the bugs to hide, once > they're inside, so don't expect to be able to flush them out. > Well, the thing is I'm not sure if it's compromised since now it became obvious that the iptables is just being reset by the apf settings.. which is at the moment a good thing since on reboot, apf re-added the lines to disable the firewall every 5 minutes so I'm able to get back into the server. Now I just have to figure out where exactly can I add the block for the offending VNSL IP address and have it work without choking up. However, I decided to try whatever it is on Saturday so clients won't be hopping mad why everything's dead. -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.centos.org/pipermail/centos/attachments/20080806/d3013a63/attachment-0005.html>