Mailinglist Archive: opensuse (3666 mails)

< Previous Next >
Re: [SLE] My server got hacked? Anyoen seem this?
  • From: "Carlos E. R." <robin1.listas@xxxxxxxxxx>
  • Date: Mon, 14 Mar 2005 20:18:41 +0100 (CET)
  • Message-id: <Pine.LNX.4.58.0503142017120.8455@xxxxxxxxxxxxxxxx>

The Sunday 2005-03-13 at 21:06 -0600, Henry Tang wrote:

> I think the hack that sends out the email with shadow and passwd listing
> either has root access or shadow group access. Becuase according to this
> below it shows that only user of shadow or root can read the file. If the
> hacker has root, what is the purpose of getting the system config or shadow
> file via email.. I don't see a reason going through all that trouble. So must
> be user gdm.

A reason to send an email could be because it was an automated attack.

--
Cheers,
Carlos


< Previous Next >