-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello,
Could you please paste /var/log/auth.log message of attack? Are you sure about it's not any bruteforce attack or similar? I think the problem is not in SSH server itself, it's in your server's security. Are you using weak password, and allowing direct root access to the server via SSH? If problem persists in your other servers, try to use fail2ban or similar. - -Ville 29.12.2011 16:04, Taz wrote: > Hello, we've got various debian servers, about 15, with different > versions. All of them have been attacked today and granted root > access. Can anybody help? We can give ssh access to attacked > machine, it seems to be serious ssh vulnerability. > > How can i contact openssh mnt? > > Thank you. > > -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.17 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEcBAEBAgAGBQJO/HokAAoJEFg15w+Y7E/mDL0IAItgyj5TSWgTILUE7l/cF7PS BwG71ypgQf/uMlsNnkbylspnvBj9edZfKfer844NvrG6yJbLw25sNI4eOLlvO1xQ nQJHwSNPhWVRHt3gwu5QlHSv0r0qbBdcXjQXDwqG6adp8qY3Qx7BIzvU0DThb08K Kbk0/4WcUHb7GtphJUIENPnyaC6xksb413fyT2RW3/m3xm7bRWqXH5bSAvs4/NIP 1m9oqxPO+HNnTF1U1KV+fdubLGIYeMHrskKSubBQ7U/+mn7/uhANT6Ke4XFtWsu8 Mgwr11j2/trCTxBNJvAEyjdpK2/vn+LRgNF12THOeCVFNQcgVyY+iWwGddY6IyU= =8DkS -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4efc7a24.3030...@tiensuu.eu
