Comments on: HAXX0RED http://firsttube.com/read/HAXX0RED/ crunchy nuggets, served semi-daily Thu, 28 Aug 2008 17:06:00 +0000 http://wordpress.org/?v=2.6 By: Tom Jones http://firsttube.com/read/HAXX0RED/#comment-316 Tom Jones Thu, 15 May 2008 23:22:31 +0000 http://firsttube.com/read/HAXX0RED#comment-316 After a third party has gained access to your machine, you can't trust anything on there anymore. There is only one solution => reinstall the whole OS.<br /> <br /> Seriously, running a machine that has been compromised is like getting in the driver's seat of your own car every day. The thief might drive you to the location you want, but it might also do other things ... After a third party has gained access to your machine, you can’t trust anything on there anymore. There is only one solution => reinstall the whole OS.

Seriously, running a machine that has been compromised is like getting in the driver’s seat of your own car every day. The thief might drive you to the location you want, but it might also do other things …

]]> By: Nita http://firsttube.com/read/HAXX0RED/#comment-251 Nita Sun, 09 Mar 2008 06:25:59 +0000 http://firsttube.com/read/HAXX0RED#comment-251 You should ALWAYS use an application which checks the SSH logs for attempts at brute forcing. I have such an app installed on my machine and I have set it up to allow 5 log-in attempts from a single IP, if they all fail the IP is blocked permanently. That may be a bit strict, but then again, I know I will not try 5 times always supplying a wrong password and there are no others who are even supposed to gain access than me. You should ALWAYS use an application which checks the SSH logs for attempts at brute forcing. I have such an app installed on my machine and I have set it up to allow 5 log-in attempts from a single IP, if they all fail the IP is blocked permanently. That may be a bit strict, but then again, I know I will not try 5 times always supplying a wrong password and there are no others who are even supposed to gain access than me.

]]>