Mailinglist Archive: opensuse (3666 mails)
| < Previous | Next > |
Re: [SLE] My server got hacked? Anyoen seem this?
- From: "Carlos E. R." <robin1.listas@xxxxxxxxxx>
- Date: Mon, 14 Mar 2005 20:18:41 +0100 (CET)
- Message-id: <Pine.LNX.4.58.0503142017120.8455@xxxxxxxxxxxxxxxx>
The Sunday 2005-03-13 at 21:06 -0600, Henry Tang wrote:
> I think the hack that sends out the email with shadow and passwd listing
> either has root access or shadow group access. Becuase according to this
> below it shows that only user of shadow or root can read the file. If the
> hacker has root, what is the purpose of getting the system config or shadow
> file via email.. I don't see a reason going through all that trouble. So must
> be user gdm.
A reason to send an email could be because it was an automated attack.
--
Cheers,
Carlos
| < Previous | Next > |