[Wolves] Hacking attempt - what next
reload at brum2600.net
Mon Dec 8 11:14:25 UTC 2008
> Hi Guys,
> I left the port for ssh open on my router for only siz hours while I did
> some work from home (first time I've done it in three years)
> and logs show that some Russian signed in to a user account and may or
> may not have downloaded some stuff.
Always a good idea to change the port that ssh binds to there are many
scanners out there looking for port 22.
# What ports, IPs and protocols we listen for
Port [your port number here]
just remember that will now be your ssh port on your router.
you can try running rkhunter if only for interest.
Then get the CD out reinstall and restore your user account files from a
back up (of course we all have backups)
What's your ISP ??
More information about the Wolves