I run a couple of game servers and as a reward to some people I give them a small user account with ftp and shell access.
Now, I have this user who installed an IRC bouncer. I didnt check it out, and trusted he could be trusted, but when I later tried he managed to:
_ Ruin the vhost for his account
_ Block ftp access
_ Block shell access

I asked him what he did, and he said that he changed the rights on his root to be able to write to it.

I got grumpy and told him I had to remove his account and remake it, because I couldnt figure out what was wrong.
When I did I discovered a .oidentd.conf in his root.
When I moved this I could access his account again.

Well, I removed the user, and remade it.
I configured vhost and got that working.
And ftp and shell access was back again.
I restored his irc bouncer and gave him back a new pw.

Ok, slept over the night.
First thing I tested was his account.
Blocked again .
Vhost was still working.
Also his irc bouncer.

What could be causing this?
Not shure if this person is pretending to be a friend or not, but it feels fishy.

p.s. I tried changing the password in confixx, but the access is still blocked.

If you can help me out I would really appreciate it.

Thanks for your time

/Drutten

Out of pure paranoia reading up on what BNC can be used for, I removed the user.
And at the same time made him feel extremelly guilty.
Just as a tip for any other planning on giving out shell accounts: Be aware that BNC can be used to camouflage dodgy activities. It reveils the origin of your server, but hides the users real IP. So if your like me, a little paranoid, I recommend not letting people use BNC on your servers.