Quote:
Originally Posted by i_nomad
In this case what is the best thing to do?
|
Simple. Provide your users (and yourself) clarity.
You could start by auditing the machine for (unauth'ed) access (see the
CERT Intruder Detection Checklist for a handy list of pointers), then verify the integrity of the machine. Post any findings if you want a second opinion.
Sure, some will say that that's over the top and way too much hassle for something that "clearly does not constitute a compromise". Unfortunately that's a lazy and short-sighted point of view. Running GNU/Linux is all about performance, protecting assets and providing services in a continuous, stable and secure way. You want to keep it that way. You want to ascertain
you alone control the system and correct things where necessary.