Jump to content

Jab

Members
  • Content Count

    3
  • Joined

  • Last visited

Community Reputation

0 Neutral

About Jab

  • Rank
    Noob

Previous Fields

  • Distribution
    Fedora 9
  1. Thanks once again for the excellent advice. My Webmin isn't running on port 10000. I have however limited it's access to certain IP addresses and two other outside networks which I occasionally connect from with a dynamic IP. One thing I especially like about our replies is that you mention the names of the config files. I intend to be able to do almost everything by manually editing the config files with in the next two years.
  2. Thanks, I changed the listening port for SSH last week after I read your post. I also disabled ssh from starting up as a service. From now on I'm just going to start the SSH service from webmin when I need it and shut it down when I'm done. The number of attacks on the server has decreased to one (NOOP) since I done that. I haven't changed any of the default passwords yet but i've temporarily disabled login on some of them. So far nothing bad has happened.
  3. I recently started a job at a small accounting firm and I'm the only person in the IT department. The person who setup our mail server has left the company. I know a little about linux and I learn something new everyday. I was going through the logs today I noticed that someone was trying to login into one or more of the default user accounts to read or send mail. I'm not sure if they were successful. So my question is what is the worst that can happen if I change all the passwords on the default accounts. I don't imagine the world will end but if I change some of the passwords and something stops working (like the email) I'll have 50 people crapping on my head. I think my system has been compromised: I have no idea what the password for the spam account is and spam's shell is set to bin/false so how could this have happened? I have disabled login for this account and added a rule to the firewall to reject packets from that IP address. Below you can see most of the accounts were tried 19 times except spam which was tried 10 times. I only have an A+ and a N+, this is starting to get a bit much for me. Any help would be appreciated.
×
×
  • Create New...