Brandon Mitchell <[EMAIL PROTECTED]> writes:
> Since these are all from his machine, maybe he's been hacked and doesn't
> know it yet.
Well, it's a Win95 box on the other end of a dialup line. :-)
> sudo and suid programs won't cause this log entry. Another good idea may
> be to move su to anoth
On 15 Nov 1997, Ben Pfaff wrote:
> A user on my system caused a number of entries like this in the
> syslog:
>
> Nov 15 12:21:07 pfaffben su: (to root) eric on /dev/ttyp0
>
> However, the user says that he just uses `lynx' and `talk' (and I
> trust him to tell the truth about this). What
Yes, user accounting can do this. I am not sure what package provides this.
On 15-Nov-97 Ben Pfaff wrote:
> George Bonser <[EMAIL PROTECTED]> writes:
>> Ok, then, have the user change his OWN password and verify that the user was
>> in
>> fact logged on (and not someone else using his account)
George Bonser <[EMAIL PROTECTED]> writes:
> Ok, then, have the user change his OWN password and verify that the user was
> in
> fact logged on (and not someone else using his account) when the message was
> logged. Is there anyone else that lives with him that might be using his
> account?
Verif
Ok, then, have the user change his OWN password and verify that the user was in
fact logged on (and not someone else using his account) when the message was
logged. Is there anyone else that lives with him that might be using his
account?
On 15-Nov-97 Ben Pfaff wrote:
> George Bonser <[EMAIL PR
George Bonser <[EMAIL PROTECTED]> writes:
> Either the program he is running is suid root (look for a file owned by root
> with the s set in the file permissions when you do an ls -l on the file.) Or
> you have sudo or some such that is allowing to execute certain programs as
> root.
Hmmm... But
Either the program he is running is suid root (look for a file owned by root
with the s set in the file permissions when you do an ls -l on the file.) Or
you have sudo or some such that is allowing to execute certain programs as root.
Still, it would not hurt to change the root password. Someone
7 matches
Mail list logo
