On 15-08-2014 11:39, Scott Bonds wrote: > I thought I was being reasonably careful: ssh disabled for root, > key-only login on my admin account, following stable, etc...then again, > I'm running owncloud and a bunch of other (no doubt less secure) > software. Perhaps I should separate the router and 'everything else' > roles, so that the router only has builtin OpenBSD software on it, no > packages. Then again, whatever the exploit, they could probably still > use it on the newly separated 'everything else' box. Anyway, I clearly > have a lot to learn about security. Don't forget to check your own machine, not just your OpenBSD server. It's more often than not the point of origin of the attack. If your machine is compromised, reinstalling your server won't do anything, since they'll reinfect it again.
Cheers, -- Giancarlo Razzolini GPG: 4096R/77B981BC [demime 1.01d removed an attachment of type application/pkcs7-signature which had a name of smime.p7s]