[SWLUG] Have I been hacked?
Bradley, Peter
pbradley at uwic.ac.uk
Tue Jun 29 09:50:19 UTC 2010
I am to sysadmin what hot water is to chocolate teapots, but I'd start
by changing the root password:
http://www.linuxforums.org/articles/howto-recover-root-password_54.html
You might then want to set something up to check who's logging onto the
box - and you might want to check that you're happy with all the users
and their permissions.
HTH
Cheers
Peter
-----Original Message-----
From: discuss-bounces at swlug.org [mailto:discuss-bounces at swlug.org] On
Behalf Of Neil Jones
Sent: 29 June 2010 10:26
To: SWLUG General Discussion
Subject: [SWLUG] Have I been hacked?
My on-line webserver
is behaving oddly. I cannot access root. The password fails. both as su
and logging in directly.
I have not changed it and I have used it umpteen times over the last few
days and it worked.
The date on the /etcpasswd file is several years old. Is there any
advice anyone can give me on checking
the box. I can log into it via another ID but it doesn't give me root
access.
Neil
_______________________________________________
SWLUG Discussion List - Discuss at swlug.org
http://swlug.org/mailman/listinfo/discuss
More information about the Swlug
mailing list