LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Security (http://www.linuxquestions.org/questions/linux-security-4/)
-   -   compromised by SSH login (http://www.linuxquestions.org/questions/linux-security-4/compromised-by-ssh-login-232678/)

phennon 09-19-2004 06:53 PM

SSH login attempts must have succeeded
 
OK. I'm a TOTAL newbie.

My machine has been compromised in this way. I use ssh to connect ot school and work from home, mostly to move data around.
Right now there's a server listening on port 22 (well actually I've unplugged the box from the wall so no one is actually listening...)

Where do I start????

Thanks in advance.

Paula

Capt_Caveman 09-19-2004 06:58 PM

What makes you think you've been compromised? Please provide as much detail as possible.

Note: I'm making this into it's own thread, since the original is more of an info thread rather than forensics.

servnov 09-19-2004 08:03 PM

your box, like most by unix/linux is running ssh on port 22. This is so you can connect to port 22 on your machine...this is a service for you--thus its a server. You can drop/reject connections to your machine in a firewall/router, turn it off, or delete it. You will still have the ssh client which allows you to connect to other ssh servers. I doubt you have been 'hacked'.


All times are GMT -5. The time now is 05:39 AM.