[SWLUG] Have I been hacked?

Bradley, Peter pbradley at uwic.ac.uk
Tue Jun 29 09:50:19 UTC 2010


I am to sysadmin what hot water is to chocolate teapots, but I'd start
by changing the root password:

http://www.linuxforums.org/articles/howto-recover-root-password_54.html

You might then want to set something up to check who's logging onto the
box - and you might want to check that you're happy with all the users
and their permissions.

HTH

Cheers


Peter

-----Original Message-----
From: discuss-bounces at swlug.org [mailto:discuss-bounces at swlug.org] On
Behalf Of Neil Jones
Sent: 29 June 2010 10:26
To: SWLUG General Discussion
Subject: [SWLUG] Have I been hacked?

My on-line webserver
 is behaving oddly. I cannot access root. The password fails. both as su

and logging in directly.

I have not changed it and I have used it umpteen times over the last few

days and it worked.

The date on the /etcpasswd file is several years old. Is there any 
advice anyone can give me on checking
the box. I can log into it via another ID but it doesn't give me root 
access.

Neil
_______________________________________________
SWLUG Discussion List - Discuss at swlug.org
http://swlug.org/mailman/listinfo/discuss




More information about the Swlug mailing list