Date: Thu, 9 Aug 2001 10:31:26 +0200 (CEST) From: =?iso-8859-1?q?m=20p?= <sumirati@yahoo.de> To: bsd2000au@yahoo.com.au Cc: freebsd-questions@freebsd.org Subject: Re: Ive been hacked-is sshd enabled by default in 4.3-release? Message-ID: <20010809083126.47722.qmail@web13305.mail.yahoo.com>
next in thread | raw e-mail | index | archive | help
> Hi all, > trying to seal up cracks in my system (got web site > hacked) > I notice ps-ax shows sshd enabled. > Is it default or has someone done it? > How do I check if SSH has been inserted into a user? > Any other tips? > Thanks > Keith > Hi Keith, if you have ever enabled ssh in your /etcrc.conf using sshd_enable="YES" it is running. I think (don't know for sure) for FreeBSD 4.3 if you select HIGH security in sysinstall during installation it is enabled. For medium I'm not sure but think that it is enabled too. If you are ever able to insert ssh INTO a user let me know how you have done it. ;) If you have been hacked and the user gained root privileges there is no way (other than you are running tripwire or something like that) to tell what the user had done or what you had done. Just my 2 cent Marc __________________________________________________________________ Do You Yahoo!? Gesendet von Yahoo! Mail - http://mail.yahoo.de To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010809083126.47722.qmail>