On Mon, 23 Jan 2012, Brad Hudson wrote:
And then he noticed the note about ssh dying if the file is not
writable ...
Considering the ssh crash I would agree that ssh could be
compromised. The best thing to do would be to re-install all ssh/ssl
related packages.
I suspect the best thing would be to assume the worst: all passwords
and private keys on that box are compromised.
I'd get it off-line, clone it for forensics, and repave it as soon as
possible. Then talk to anyone with user credentials on that account
and make provision for changing passwords and re-generating any
private keys.
--
Paul Heinlein <> [email protected] <> http://www.madboa.com/
_______________________________________________
Tech mailing list
[email protected]
https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech
This list provided by the League of Professional System Administrators
http://lopsa.org/
