Fedora 8 Security Issue
Have had two users login to my server using an account they created called 'test'. How can they do that without showing a login for the root account? I learned this by running last and seeing that the users came in from a foreign address. I thought I had that address blocked in /etc/hosts.deny, but it did not stop them. I had no 'test' account on my system.
I have since removed the 'test' account.
Any suggestions or ideas?
Jack
|