At 09:37 PM 10/12/00 -0400, you wrote:
This is really a policy question I guess. We just realized (only took a couple of months) thatthe SysAdmin from the company which we colocate our server had set himself up a root access. This was done without telling us. He has, from the logs, being going into our server at least a couple of times per month since we had the server with them.Is this normal for an ISP to do? Thanks for the answer. James Riordon
Have you asked your ISP why they have done this? That might at least let you know if it a policy they have or if one individual at the ISP decided to give himself a root account on your box for whatever reason. If it's a policy you would then have data to make an informed decision about what to do next (allow them to keep the root account, ask that they alter policy for your boxes, move to another ISP, etc).
You might also want to do a check of services that are running, etc. (i.e., treat the box as though it had been cracked).
Peter