Quote:
Originally Posted by jggimi
Good. I'd interpreted this earlier statement:to mean that your captured remote credentials were used locally, and assumed that the same credentials were being used both locally and remote.
|
Yes, 4 instances of user got me thinking. Unfortunately I can not reproduce this incident. I checked users after a couple of hours of Tor SSH exploit.