Re: possibly compromised redhat 7.2 box

• Previous message: Jonathan Pokrzyk: "RE: antivirus software for DMS computers???"
• In reply to: Melissa McGillis: "possibly compromised redhat 7.2 box"
• Next in thread: Brecrost Jones: "RE: possibly compromised redhat 7.2 box"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: "Melissa McGillis" <mcgillim@cis.uab.edu>, "Security-Basics" <security-basics@securityfocus.com>
Date: Mon, 24 May 2004 11:55:36 +0700

Dear Melissa,
I think this happen because someone (I hope s/he is your Administrator)
changed/upgraded your sshd. To fix it, try to edit your known_hosts2 at
~/.ssh/
or just remove ~/.ssh by typing : $rm -rf .ssh.
If you are using windows then remove putty.rnd (if you are using putty) from
root directory (please read the manual).

I hope this will help you

Regards,

Kalpin Erlangga S

----- Original Message -----
From: "Melissa McGillis" <mcgillim@cis.uab.edu>
To: "Security-Basics" <security-basics@securityfocus.com>
Sent: Friday, May 21, 2004 2:17 AM
Subject: possibly compromised redhat 7.2 box

> Hello,
>
> I have a redhat 7.2 server that stopped accepting my ssh login. I can
still
> use my login at the terminal. I also noticed that the host key changed. My
> only guess at this point is that the box was probably compromised. Any
good
> software out there to help me figure it out? Any other ideas as to what
> would cause this?
> Anything helps,
> Melissa
> (THIS IS IN NO WAY AFFILIATED WITH UAB. It's just the address I use for
> lists.)
>
>

---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
any course! All of our class sizes are guaranteed to be 10 students or less
to facilitate one-on-one interaction with one of our expert instructors.
Attend a course taught by an expert instructor with years of in-the-field
pen testing experience in our state of the art hacking lab. Master the skills
of an Ethical Hacker to better assess the security of your organization.
Visit us at:
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------

• Previous message: Jonathan Pokrzyk: "RE: antivirus software for DMS computers???"
• In reply to: Melissa McGillis: "possibly compromised redhat 7.2 box"
• Next in thread: Brecrost Jones: "RE: possibly compromised redhat 7.2 box"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages RE: Cisco CSA ... Ethical Hacking at the InfoSec Institute. ... to facilitate one-on-one interaction with one of our expert instructors. ... Attend a course taught by an expert instructor with years of ... pen testing experience in our state of the art hacking lab. ... (Security-Basics) RE: Any reason not to use strcpy, strcat or scanf? ... Ethical Hacking at the InfoSec Institute. ... to facilitate one-on-one interaction with one of our expert instructors. ... Attend a course taught by an expert instructor with years of in-the-field ... pen testing experience in our state of the art hacking lab. ... (Security-Basics) RE: New Trojan? ... > Ethical Hacking at the InfoSec Institute. ... Attend a course taught by an expert instructor with years of ... pen testing experience in our state of the art hacking lab. ... to facilitate one-on-one interaction with one of our expert instructors. ... (Security-Basics) RE: Wireless access ... Ethical Hacking at the InfoSec Institute. ... to facilitate one-on-one interaction with one of our expert instructors. ... pen testing experience in our state of the art hacking lab. ... Attend a course taught by an expert instructor with years of in-the-field ... (Security-Basics) Re: antivirus for linux ... Ethical Hacking at the InfoSec Institute. ... to facilitate one-on-one interaction with one of our expert instructors. ... Attend a course taught by an expert instructor with years of in-the-field ... pen testing experience in our state of the art hacking lab. ... (Security-Basics)