Re: Distro suggestions :-)
- From: General Schvantzkoph <schvantzkoph@xxxxxxxxx>
- Date: 7 Jan 2007 15:40:23 GMT
On Sat, 06 Jan 2007 07:58:07 -0800, sk8terg1rl wrote:
Hi General, thanks for your input.
General Schvantzkoph wrote:
On Sat, 06 Jan 2007 01:51:42 -0800, sk8terg1rl wrote:
Hey group,
Recently I suspect that my SuSE 10.0 box got hacked into. Whoever did
it messed with the master boot record and partition information. This
only became apparent when I took the hard disk out and attempted to
reformat it entirely on a clean system. I don't think the
password/username was brute forced, as it was too long and root logins
were disabled. I'm guessing some exploit was probably used (I hadn't
updated it in a loooong time).
As such, I'm looking for a new distro to use. It should work on x86_64,
i586 and EM64T CPUs. It should be very secure against exploits. Also,
I'm looking for a distro which would be rewarding if I spend the time &
effort to learn it. Something moderate in newbie friendliness between
Windows-clones and the more "difficult" distros like IIRC Arch Linux.
What do you think of Debian? AIUI only the latest etch (testing) and
sid (unstable) releases support AMD64 CPUs.
Thanks for any advice.
I don't think you were hacked, you have a bad disk. It's really unlikely
that someone would break into your system and corrupt your MBR.
Well, I scanned my freshly formatted Seagate hard disk which is only
several months old with Seatools. No errors found. Time will tell, I
suppose, if it was a dying hard drive or something else.
Personally IMVHO it was a string of coincidences to get denied SSH,
locked physical login screens and later lose the GUI login (what you
get when you hit Ctrl-Alt-F1), at which point both my normal user/root
login gets rejected (doesn't even ask for my password, just returns to
linux login ~>).
I was asking for trouble for not setting my hosts.allow/deny properly
though.
It could be the cable or the controller or some random noise, but what
happened to your drive was almost certainly a hardware problem not the
results of a break in. As for ssh security, you should always require RSA
authentication. It's virtually impossible for someone to guess a
public/private key pair. Passwords can't be nearly as secure. If you
require sufficiently long and arcane passwords to guarantee security you
end up making your own life difficult because you have to type in a hard
to remember password every time you want to log into the system. You can
carry your rsa keys on a flash key if you want to be able to access your
system from random outside boxes.
.
- References:
- Re: Distro suggestions :-)
- From: General Schvantzkoph
- Re: Distro suggestions :-)
- Prev by Date: Re: SpamAssassin
- Next by Date: Re: Linux+ Certification
- Previous by thread: Re: Distro suggestions :-)
- Next by thread: Re: Distro suggestions :-)
- Index(es):
Relevant Pages
|
