It seems there is a major 0-day vulnerability doing the rounds and a lot of data is showing SSH as the attack vector, even though the exact vulnerability hasn’t been fully discovered yet or patched.
The vulnerability seems to mostly affect Redhat/CentOS with cPanel/Plesk installed but not exclusively which is why I thought I would post it here. We've taken the choice of locking down all public SSH access on all our customer servers. For more information on this vulnerability please see... http://www.webhostingtalk.com/showthread.php?t=1235797 http://seclists.org/oss-sec/2013/q1/326 https://bugzilla.redhat.com/show_bug.cgi?id=911937 http://forums.cpanel.net/f185/sshd-rootkit-323962.html Dan -- Find me online : http://www.dogsbody.info/ _______________________________________________ Blueonyx mailing list Blueonyx@mail.blueonyx.it http://mail.blueonyx.it/mailman/listinfo/blueonyx