[CentOS] Shadow passwords NOT md5'ed ?
Michael A. Peters
mpeters at mac.comSun Apr 5 19:08:25 UTC 2009
- Previous message: [CentOS] Shadow passwords NOT md5'ed ?
- Next message: [CentOS] Shadow passwords NOT md5'ed ?
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Bill Campbell wrote: > On Sun, Apr 05, 2009, Ralph Angenendt wrote: >> Michael A. Peters wrote: >>> Ralph Angenendt wrote: >>>> Frédérique Da Luene wrote: >>>>> Useradd newuser : ok >>>>> passwd newuser : ok >>>>> >>>>> The password is not MD5, only 3DES. >>>> Again: Have you looked if passwd on your machine is the one from CentOS? >>>> >>> I would suggesting copying the binary to a known clean machine to check >>> the md5sum to verify. If you might have been hacked, you can't check >>> the md5 on that box. >> Yupp. The last times I had to handle/help in such situations, the binaries >> were clearly way off for the machines - often a comparing ls -l is enough, but >> not all the time. > > This will tell if the program is different and works on any RPM > based system regardless of their package contents. > > rpm -V `rpm -qf /bin/login` This assumes that rpm and the library it uses have not been compromised. I personally suspect the machine has been compromised.
- Previous message: [CentOS] Shadow passwords NOT md5'ed ?
- Next message: [CentOS] Shadow passwords NOT md5'ed ?
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS mailing list