[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [[cobalt-users] Server Hacked?]

Subject: Re: [[cobalt-users] Server Hacked?]
From: "manitu" <manitu@xxxxxxxxxx>
Date: Sun Feb 13 09:01:24 2000

> This can happen on ANY machine. If you find a machine that's hack-proof
let
> us know.
> How could it happen? By not enforcing a strong password policy is one way.
> Perhaps
> a user called joe with a password of joe. Once a hacker finds something
like
> that he's
> in your machine and the rest is simple. Make your users choose strong
> passwords.

How can someone who has found out a password of one user (not root and not
admin) access the passwd or shadow files ? They are owned by root...

Just one question: The passwd file is marked as world-readable. Should I
remove this flag in order to improve security ?

Manuel

Follow-Ups:
- Re: [[cobalt-users] Server Hacked?]
  - From: Jeff Lasman

References:
- RE: [[cobalt-users] Server Hacked?]
  - From: Tony

Prev by Date: Re: [cobalt-users] Where are the RaQ gurus?
Next by Date: Re: [[cobalt-users] Server Hacked?]
Previous by thread: [cobalt-users] Re: Admin FTP Issues for the Raq3
Next by thread: Re: [[cobalt-users] Server Hacked?]

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index