Related to root login
Andrew Mathews
andrew_mathews
Mon May 17 11:51:35 PDT 2004
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Swapana Ghosh wrote:
| Hi
|
| One of our server(redhad 7.1) we login as
|
| telnet domain.com
| user : admin
| pass : -
|
| su - root
| root passwd
|
| but today i found something has been changed i can't
| able
| to enter to root as su - root
|
[...]
|
| Where is the changes done .....
| How can i go back to my original state....
|
| Thanks in advance
| -Swapna
|
There's a good possibility that while using telnet instead of ssh that
your root password has been sniffed and the box has been compromised.
You may want to consider using an intrusion detection system such as
Tripwire to be able to monitor file changes, and never ever use telnet
anywhere except on a protected lan. Do you have any way of verifying the
system integrity now?
- --
Andrew Mathews
- ---------------------------------------------------------------------
~ 7:51pm up 7 days, 18:43, 10 users, load average: 2.90, 2.96, 2.98
- ---------------------------------------------------------------------
Life is a hospital in which every patient is possessed by the desire to
change his bed.
-- Charles Baudelaire
- --
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
Comment: Using GnuPG with Netscape - http://enigmail.mozdev.org
iD8DBQE/SsWhidHQ0m/kEssRAtFwAJ934WIFt3ZSJJzgFutKPDL8An6oMwCfey/Z
7+I7AZHni0mePvUhicXLn/g=
=N9Ct
-----END PGP SIGNATURE-----
More information about the Linux-users
mailing list