Re: How could this account have been cracked?

From: "robb@xxxxxxx" <robb@xxxxxxx>
Date: 26 Sep 2006 11:48:44 -0700

Nathanael Hoyle wrote:

So the account's existence was probably not revealed by the login (if
there were already a keylogger on the system, you were flat screwed from
the start).

Yes, and this may be the case.

So, although that logically, there's no real true defense, I've done a
few things (added deny all sshd, removed software I'm not using...) and
hopefully the system will hold for a week or two until I have the money
and time to rebuild the server.

.

Follow-Ups:
- Re: How could this account have been cracked?
  - From: Ayaz Ahmed Khan
- Re: How could this account have been cracked?
  - From: ynotssor

References:
- How could this account have been cracked?
  - From: robb@xxxxxxx
- Re: How could this account have been cracked?
  - From: Ian Kilgore
- Re: How could this account have been cracked?
  - From: robb@xxxxxxx
- Re: How could this account have been cracked?
  - From: Nathanael Hoyle

Prev by Date: Re: How could this account have been cracked?
Next by Date: Re: How could this account have been cracked?
Previous by thread: Re: How could this account have been cracked?
Next by thread: Re: How could this account have been cracked?
Index(es):
- Date
- Thread

Relevant Pages

Re: How could this account have been cracked?
... (if there were already a keylogger on the system, you were flat ... I have the money and time to rebuild the server. ...
(comp.os.linux.security)
Re: Server Activity
... doing while they are logged into our server. ... administrative rights that logs into our server and helps us when we ... something like a keylogger would not work. ... Seriously, if you have reason to distrust this user, take away the admin ...
(microsoft.public.windows.server.general)