
Cracked Linux machine!

I just read a pretty plausible-sounding account on the Mepislovers forum of a Mepis box getting cracked.

According to the post in question, the person's ISP advised them that their machine was sniffing around the subnet for open SSH ports. The Mepis user in question then discovered that BruteSSH had been installed on their machine. It would appear this was done by virtue of the user having port 22 forwarded from their router and an unfortunately weak user id/password combination. This allowed a malicious individual to gain access and install BruteSSH.

It just so happens that in the Tutorials>Tips section of this very site, there are some suggestions that would have made this attack nearly impossible. The moral of the story: don't open your machine up to the internet unless you're reasonably satisfied you've taken precautions to prevent unauthorised access.