[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [[cobalt-users] Server Hacked?]

Subject: Re: [[cobalt-users] Server Hacked?]
From: spamcatcher <spamcatcher@xxxxxxxxx>
Date: Mon Feb 14 08:25:23 2000

Thanks to all for the quick response.

Now that the fox is already in the hen house - so to speak, is there 
anything we can do to improve security (short of replacing everything 
with a RaQ3i). Also, are there any logs that we can look at to see what 
the cracker may have done?

Thanks!

>> This can happen on ANY machine. If you find a machine that's hack-proof
>let
>> us know.
>> How could it happen? By not enforcing a strong password policy is one way.
>> Perhaps
>> a user called joe with a password of joe. Once a hacker finds something
>like
>> that he's
>> in your machine and the rest is simple. Make your users choose strong
>> passwords.
>
>How can someone who has found out a password of one user (not root and not
>admin) access the passwd or shadow files ? They are owned by root...
>
>Just one question: The passwd file is marked as world-readable. Should I
>remove this flag in order to improve security ?
>
>Manuel
>
>
>
>_______________________________________________
>cobalt-users mailing list
>cobalt-users@xxxxxxxxxxxxxxx
>http://list.cobalt.com/mailman/listinfo/cobalt-users
>

Follow-Ups:
- Re: [[cobalt-users] Server Hacked?]
  - From: Karl-Heinz

Prev by Date: Re: [[cobalt-users] Server Hacked?]
Next by Date: [cobalt-users] Re: Admin FTP Issues for the Raq3
Previous by thread: Re: [[cobalt-users] Server Hacked?]
Next by thread: Re: [[cobalt-users] Server Hacked?]

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index