[CentOS] Authentication Problems

Wed Feb 16 12:43:03 UTC 2011
James Bensley <jwbensley at gmail.com>

On 16 Feb 2011 12:34, "Nico Kadel-Garcia" <nkadel at gmail.com> wrote:
> Uh-oh. Has your developer, or you, been editing the /etc/passwd,
> /etc/shadow, /etc/group, or /etc/gshadow files manually?


> And do you
> use NIS or LDAP for authentication?


> And this is a publicly exposed
> webserver, right? How fast can you rebuild it if it's been rootkitted?

How long is a peice of string? As quick as I can reupload the data, but
thats another issue for another day.

> Check the /etc/shadow and /etc/group for consistent numbers of
> entries, and /etc/group and /etc/gshadow.

Do you mean duplicate entries? If so there are none of those.

> Do you have other users who
> can still log in or not?

There is only the root and web dev user on this box.

Thanks for your input Nico :)

--James. (This email was sent from a mobile device)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.centos.org/pipermail/centos/attachments/20110216/64172e9e/attachment-0005.html>