Important Notice: Our web hosting provider recently started charging us for additional visits, which was unexpected. In response, we're seeking donations. Depending on the situation, we may explore different monetization options for our Community and Expert Contributors. It's crucial to provide more returns for their expertise and offer more Expert Validated Answers or AI Validated Answers. Learn more about our hosting issue here.

OSU Physics Faqs : Linux : Security : How do I know if my password (/etc/passwd) file has been compromised?

compromised file linux OSU passwd password Physics security
0
10 Posted

OSU Physics Faqs : Linux : Security : How do I know if my password (/etc/passwd) file has been compromised?

0 CommentsAdd a Comment

1 Answer

0
10

Look for these things in your /etc/passwd file: * the last field in a passwd entry is the shell. Nothing should have a shell except for root and any user accounts that you have set up (and possibly a database like postgres). These things have something else in that entry: sync (/bin/sync), shutdown (/sbin/shutdown), xfs (/bin/false). * check the UID, which is the number in the third field (delimited by :’s). Only root should be UID 0. * look for user names you don’t recognize. 2000-Mar-23 9:19am furnstahl.1@osu.

0 CommentsAdd a Comment

Related Questions

What is your question?

*Sadly, we had to bring back ads too. Hopefully more targeted.

Experts123