I have a Ubuntu 12.04 server, installed iRedMail a month ago. Last Friday, installed OpenSSH and opened port 22 on my firewall. Just happened to catch an established connection from a foreign address shortly after OpenSSH install. More details are logged here: http://www.linuxquestions.org/questions/linux-security-4/suspect-sever-break-in-with-user-%27sshd%27-on-ubuntu-12-04-ebury-4175505281/ Ultimately, any suggestions for doing some forensic testing on this server to identify how this happened would be most appreciated. |
Anonymous |
thread locked Quote Subscribe |
May 19th 2014 8 years ago |
Does anyone know of software than can reliably decode this? __________________________ sara |
Anonymous - |
Thread locked. Quote |
Nov 29th 2014 7 years ago |
Sign Up for Free or Log In to start participating in the conversation!