Dec 7, 2011 5:58 AM Lamar Owen <lo...@pari.edu> 작성:
> On Tuesday, December 06, 2011 04:45:04 PM Johnny Hughes wrote: >> If I had to guess, I would say that the attackers probably developed >> their code on CentOS, so they were looking for a CentOS machine to >> deploy their code on in the wild. That would be why I would say CentOS >> was the OS used. > > I read the Kaspersky article and the comments, and the use of 'up2date' in > the transcript could possibly point to someone used to upstream EL. But it > does illustrate three major points: > 3.) Keep good passwords. This can't be stressed enough: if your password was > successfully brute-forced it is now in the brute-forcer's *dictionary* of > passwords to try in the future and should never be used again, regardless of > how secure it might seem. I happen to have a copy of an older brute-forcer > dictionary here (somewhere) and it's very large and has lots of very > secure-seeming passwords in it. > Why not don't allow root login from ssh? That's basic yet effective. _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
