Re: Security issue, damn I've been hacked

2009-02-23 Thread Julian Leyh
Richard Toohey wrote: $ md5 /usr/sbin/ntpd MD5 (/usr/sbin/ntpd) = a0c8961d5818b438ecbfd6c40be47a5f $ cat /etc/passwd root:*:0:0:Charlie &:/root:/bin/ksh daemon:*:1:1:The devil himself:/root:/sbin/nologin operator:*:2:5:System &:/operator:/sbin/nologin Your system must have been hacked.. The

Re: Security issue, damn I've been hacked

2009-02-21 Thread Stuart Henderson
On 2009-02-20, Jean-Francois wrote: > I am not sure at all about this, maybe one has changed the daemon. > After I checked the addresses that this daemon connected to, they were > very strange as webservers content (blogs, default page 'It works' and > so on ... I guess ntp servers shall not act l

Re: Security issue, damn I've been hacked

2009-02-21 Thread Jasper Bal
Who said the French have no sense of humor? Thank you Jean-Francois for a healthy laugh in the morning! JB Jean-Francois wrote: Hi All, It looks like my server running since few days has already been hacked. It looks like a new user called 'daemon' ID 1 and a new group daemon. User's full n

Re: Security issue, damn I've been hacked

2009-02-20 Thread Marcin Wilk
I didn't reply here for a long time, but this cracks me up :D You are the king :D Jean-Francois wrote: Hi All, It looks like my server running since few days has already been hacked. It looks like a new user called 'daemon' ID 1 and a new group daemon. User's full name 'The devil itself' First

Re: Security issue, damn I've been hacked

2009-02-20 Thread Bryan Irvine
Those are there by default. If the user's shell is 'nologin' then you are chasing phantoms. Also, no, someone named 'Charlie' did not compromise root (well, most likely :-). -Bryan On Fri, Feb 20, 2009 at 3:46 PM, Jean-Francois wrote: > Hi All, > > It looks like my server running since few day

Re: Security issue, damn I've been hacked

2009-02-20 Thread Richard Toohey
On 21/02/2009, at 12:46 PM, Jean-Francois wrote: Hi All, It looks like my server running since few days has already been hacked. It looks like a new user called 'daemon' ID 1 and a new group daemon. User's full name 'The devil itself' First time I find out evidence of hack on my serv

Re: Security issue, damn I've been hacked

2009-02-20 Thread System Administrator
On 21 Feb 2009 at 0:46, Jean-Francois wrote: > Hi All, > > It looks like my server running since few days has already been hacked. > It looks like a new user called 'daemon' ID 1 and a new group daemon. > User's full name 'The devil itself' First time I find out evidence > of hack on my serv