On Sat 27 Aug 2011 at 17:16:16 +0100, Joe wrote: > On Sun, 28 Aug 2011 01:05:47 +1000 > yudi v <yudi....@gmail.com> wrote: > > > > how can I find out if this system has been compromised? > > You can try chkrootkit and rkhunter, but the latter at least works
A natural history expedition searching for unicorns and dodos would have as much success as these two programs are likely to have. > > what are the steps I need to take to secure it? > > As you say, deny root logins, but I would strongly recommend dropping > passwords altogether and using keys. If you connect from Windows, you Keys and passwords each have their place. One is not inherently more secure than the other. > (currently I believe) can't use *nix-generated keys. The change of port > number is often denigrated as 'security by obscurity', but then what > else is a digital certificate? If running ssh on an obscure port > prevents pretty much all automated password brute-forcing (and it does) > then you're better off than many other people have been. You are most probably correct. On a higher port number sshd will experience fewer probes. But it was secure on port 22 anyway, so there doesn't seem much point in moving it in that regard. -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20110827184308.GG4474@desktop