False alarm

I thought my server was hacked this weekend, but I think in reality someone on Peer1’s network took my IP address by accident, caused an IP conflict, and because I detected ssh running on a non-standard port, I assumed I had been rooted. In fact, when I returned to my machine today, I found no such rooting, and chkrootkit reported nothing. What really freaked me out was that I found vsftpd running on port 21, but wouldn’t accept any of my usernames/passwords, so I really assumed I had been rooted. But here I am, and nothing has been changed.

Whew, I guess?

Leave a Reply