My server was hacked. ToT
One day i found that i couldn’t login the server thru SSH and the CPU usage jumped to 100% for more than 12 hours. Finally i could login as root and found that a new user R00T was created and the SSH service was restarted with all settings in the sshd config file commented out. =.=
So from now on i will use Key Authentication instead of simple Password Authentication. Here is a very useful guide on Linode.com which shows you how to secure your server.
Linode Library – Securing Your Server
In order to use the Key Authentication, you need to generate the private key and public key on your desktop/labtop computers. This is straight forward if you are a Mac or Linux user who could use the ssh-keygen command. But for Windows user, you have to use 3rd party program like PuTTYgen. I suggest using WinSCP + PuTTY.
Continue reading Secure the SSH protocol by Key Authentication