Security Incidents mailing list archives
Re: Root password changed
From: sysadmin <sysadmin () wvths com>
Date: Mon, 06 Jan 2003 15:33:34 -0500
RCS wrote:
Versions of sendmail, apache & BIND that you're running aren't the latest and possibly contain buffer overflows or other vulnerabilities . Maybe it's time to start patching :p ?I have no idea how the root password on my FreeBSD 4.0 system was = changed, only I have access to it and I have only SMTP (sendmail = 8.12.1), POP3 (qpopper), apache 1.3.26 and BIND 8.2.3 . Everything else = is restricted by ACLs at the router. I had to enter single user mode and change it today. I have thoroughly checked running processes and the logs and there is = nothing suspicious.=20 Please give me your opinion on what could have caused this.=20 Thanks -- Roberto Cardona Jr. =20 --Roberto Cardona Jr. IT/IS Manager Corporate Office Centers | http://www.corporateofficecenters.com---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service.For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Also , you might want to change console line in /etc/ttys to `unsecure` as it's quite easy for someone to reboot your server into singe-user & do what you did ( i.e. change the root passwd back ) .
---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service.For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- Root password changed RCS (Jan 06)
- Re: Root password changed james (Jan 07)
- RE: Root password changed Michael LaSalvia (Jan 07)
- Re: Root password changed Chris Barford (Jan 07)
- Re: Root password changed sysadmin (Jan 07)
- Re: Root password changed Adam Bultman (Jan 07)
- Re: Root password changed Joe Kattner (Jan 07)
- Re: Root password changed Lisa Casey (Jan 07)