[CentOS] server is always getting hacked
magawake at gmail.com
Sat Jun 27 19:21:25 UTC 2009
WE have a centos 5.3 install, and our server is keep getting hacked.
We see load averages of 500+ and see people from all over the world
logging into our server (used last).
Is there a good place to start to avoid these kinds of things?
For example, here is what I already did.
Open up sshd port only
setup iptables to only accept port 80 and 22
No other ports are allowed according to IP Tables.
I am not sure what else measures I can take. Can someone please assist?
More information about the CentOS