Boston Linux & Unix (BLU) Home | Calendar | Mail Lists | List Archives | Desktop SIG | Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings
Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU

BLU Discuss list archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Server hacked, Desperate for help with FC6

Bill Horne wrote:
>> The Ubuntu Enterprise server we're using was compromised on a
>> non-priviledged account once, but there isn't anything installed that
>> the user could use, so no worries. 

They had left a file '.sudo_to_admin' or somesuch in the user's home
folder, which strangely wasn't true at all. In fact, the user that they
had logged in as, didn't have much of any rights at all. The only reason
I had even checked it was because one of my RHEL boxes had been
compromised (using a PHP vulnerability). I suspect that is was done by
some sort of script, and had the user logged-in later, would have
quickly realized that the account couldn't do much of anything.
Grant M.
Grant Mongardi
Systems Engineer

gmongardi at
(781) 894-3114 x240 phone
781.894.3997 fax

NAPC | technology matters
>>>>>>>>>>>>>>>>>>>>>>>> Please make a note of our new HQ address as of
May 23rd: 307 Waverly Oaks Road  Waltham MA 02452

This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!

Boston Linux & Unix /