Forum OpenACS Q&A: Response to Help! no SSH Telnet Access
I wanted to get that last bit out before I did some investigating of my own.
I really don't think that ssh was the problem as I could only find theoretical attacks, but nothing in the wild. More likely they got in another way.
- ftp - this seems like the most likely
FTP is evil and should be taken out of every distribution ever created and if the MS users don't like it they can get their own servers!
Anyway, it shows that even in the linux world you need to keep up with patches. I am also a little concerned at the CWD of pgsql and the session close for nsadmin, unless you did that why would a hacker give a crap about aolserver unless some of your pages were defaced.