Visit Jeremy's Blog.
Go Back > Forums > Linux Forums > Linux - Security
User Name
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.


  Search this Thread
Old 06-29-2005, 02:11 PM   #1
LQ Newbie
Registered: Jun 2005
Posts: 6

Rep: Reputation: 0
password failure RH9 - hacked?

My RH9 Linux box serves up web pages with Apache. As such it gets attacked all day long (mostly from Russia, Korea, China, etc.). I always wonder if someone will penetrate my password system but I have super cryptic passwords.

Yesterday non of my passwords worked including root. This has happened before. A boot fixes the problem but I am sure that something is askew. I checked many logs and nothing shows there is no evidence of an intruder.

Anyone seen this?

Old 06-29-2005, 02:47 PM   #2
Registered: Apr 2005
Location: Neverland
Distribution: Slackware / Ubuntu
Posts: 171

Rep: Reputation: 30
You can try using a boot loader password to prevent such happenings.
You can also, try changing the passwords frequently to anything that might not be used in any of ur other a/c like bank/ebay/paypal etc. These are just general measures, not particularly aimed at linux ...


Last edited by gnukish; 06-29-2005 at 02:57 PM.
Old 06-29-2005, 02:49 PM   #3
Registered: Jan 2004
Location: NY, USA
Distribution: Arch, openSUSE 11.1
Posts: 170

Rep: Reputation: 31
I'd suggest booting from trusted media such as a live cd and run rkhunter or another equivalent and see if there are any root kits present.
Old 06-29-2005, 02:53 PM   #4
Registered: Apr 2005
Location: Neverland
Distribution: Slackware / Ubuntu
Posts: 171

Rep: Reputation: 30
rootkits , in linux don't seem to be the biggest threat. It can perhaps be a hardware keylogger or a kernel level keylogger. You must also check for rootkits, as they should not be given best and the least importance, its one of the tools, which hackers use often on nt,xp or any os.

Your kernel version and build, also matters because kernel 2.4.x can be backdoored. Refer google, or packetstorm security archive.


Last edited by gnukish; 06-29-2005 at 02:55 PM.


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
su root: authentication failure (password correct) scs_24 Linux - Newbie 3 12-12-2009 02:07 AM
Mandrake 10.1 PPC Password failure johnnyLongside Mandriva 2 01-02-2005 07:23 PM
Samba - Win workstation, Linux Fileserver, password failure cornellS Linux - Networking 12 02-05-2004 08:20 PM
ssh password failure (sometimes) zergio Linux - Security 9 12-10-2003 09:21 PM
help! ssh password being denied for ALL acccounts (hacked?) JustinHoMi Linux - Security 4 05-26-2002 06:57 AM > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 05:16 AM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration