[转载] 谁能给我看看它的shadow文件? - 未名空间MITBBS历史存档

国际科技财经博客移民网络热点娱乐民生时事公众号

Redian新闻

>未名空间

>Unix - 噫吁兮，危乎高哉

[转载] 谁能给我看看它的shadow文件?

[转载] 谁能给我看看它的shadow文件?# Unix - 噫吁兮，危乎高哉

c*t2001-02-20 08:02

1 楼

【以下文字转载自 Linux 讨论区】
【原文由 cogt 所发表】
是不是都有 tty::root... 这么一句?
我不能以 root 的名字从本地登录.
而且用 addusr 增加的用户也不能从本地登录.
SparcStation5, SUN OS 5.6

l*l2001-02-20 08:02

2 楼

I guess this machine is hacked.
No one will show his shadow file. If he want you crack his passwd.

【在 c**t 的大作中提到】

: 【以下文字转载自 Linux 讨论区】
: 【原文由 cogt 所发表】
: 是不是都有 tty::root... 这么一句?
: 我不能以 root 的名字从本地登录.
: 而且用 addusr 增加的用户也不能从本地登录.
: SparcStation5, SUN OS 5.6

c*t2001-02-20 08:02

3 楼

I'm wondering if I can restore it. Now I have root privilage,
could you give me some advice?
Thanks in advance.

【在 l*l 的大作中提到】

: I guess this machine is hacked.
: No one will show his shadow file. If he want you crack his passwd.

l*l2001-02-20 08:02

4 楼

Are your sure you can su tty from comman user? If so, do next:
If you have backup of system dir, then check sum.
search the suid file which is made recently.
search inet.d to see if there is a backdoor in it.
search your server program to see if there are some you don't know.
search the every user to see if their passwd can crack by john.
search if their ever have any sniffer program runs in your subnet.
Best way is to back your data, reinstall your system from CD.

【在 c**t 的大作中提到】

:
: I'm wondering if I can restore it. Now I have root privilage,
: could you give me some advice?
: Thanks in advance.

m*e2001-02-20 08:02

5 楼

One way to secure your system is to scan all the system files regularly,
and store/compare their MD5 sums.

【在 l*l 的大作中提到】

: Are your sure you can su tty from comman user? If so, do next:
: If you have backup of system dir, then check sum.
: search the suid file which is made recently.
: search inet.d to see if there is a backdoor in it.
: search your server program to see if there are some you don't know.
: search the every user to see if their passwd can crack by john.
: search if their ever have any sniffer program runs in your subnet.
: Best way is to back your data, reinstall your system from CD.