[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
On 10/08/10 19:21, Gordon Henderson wrote: > > 's what I do when a site has changed - although I tend to simply delete > the known_hosts file from time to time... What is the advantage in this? > I discovered a clients server with a hacked version of sshd installed > recently... Still no idea how they got in or got root privs. to make the > changes. Very frustrating. Hmm, curious I wonder why "sshd", I can understand hacking the "ssh" client, since then one can harvest passwords and passphrases. But I'd have thought sshd had few advantages, maybe they were adding a backdoor, or to configure keylogger when a shell is spawned. Did you identify the malware? -- The Mailing List for the Devon & Cornwall LUG http://mailman.dclug.org.uk/listinfo/list FAQ: http://www.dcglug.org.uk/listfaq