[ubuntu] Server Finally Hacked

view full story

http://ubuntuforums.org – Ubuntu 10.04 Standard install with GUI Setup as LAMP server Hello, I do believe my server finally got hacked, or at least I finally found evidence. The evidence came from the Fail2ban Jail.conf file An unknown IP address had apparently been added to the Ignore list on each of the jail configurations. I have one other IP address there and that was a local IP address. My passwords were complex and I blocked all countries other than the US and even all the proxy server I could find. Updates were up to date. What was the likely vector they used to gain access? SSH is disabled and there is (Hardware)