Hey everyone, i had a freebsd server running version 4.3 and it got hacked by one of my users. I think he used some sort of script but im not sure the only thing open to the outside world is ssh i think he gave over his a account to a pro and had him hack it . I know he did'tdo a brute force hack on ssh because i turned off root log on from ssh so all he could have done was bruteforce a member in the wheel group then crack su login but i checked all of my logs and all logins are accounted for. On the inside ive got mysql running, sendmail and a few other things. I was just wondering if anyone had any ideas off the top of there head.