[arm-allstar] General Observation
David Lang
david at lang.hm
Wed May 17 04:17:18 EST 2017
On Wed, 17 May 2017, Sam Nabkey wrote:
> In my experience, I received a call that someone had compromised my node
> and was mining bitcoin and weak PlayStation account logins.
They can mine bitcoins and try to break passwords as any user, being root
doesn't make any difference here.
> I have changed the ssh port on all my nodes up and away from standard, I've
> changed the SIP port also as I run SIP to connect an IP phone as a node
> monitor.
I used to move the ssh port, until I ended up behind too many firewalls that
blocked ssh to non-standard parts. It's all a trade-off.
nowdays, I only have one box with exposed ssh, and I have a web based shell
available for when ssh isn't allowed.
David Lang
More information about the arm-allstar
mailing list