someone changed my root password. what do i do?
hello everyone!
need i ask more? HEEEELLP!!!!! |
you will need to take the system down, bring it up in single user mode.
if you are usnig grub, press e at the menu and edit the line that reads kernel. append a 1 at the end of the line and boot if you are using lilo, type linux single |
If someone changed your root password without your consent then taking the box off the 'net as Ppuru suggested is the best thing to start with, but I'd reboot from a bootable CDR (maybe your distro provided you with one, else try Knoppix for starters) and manually mount the partitions read-only. That will keep you from changing the system while you look at it. When you've done that you've gotta find out when it happened, who did it and why it succeeded. Please read up on what you've gotta do, look at the LQ FAQ: Security references, post #1 under "Compromise, breach of security, detection". It ain't the easiest thing, but if you want to learn you gotta try it. Anyway you're not alone, we're here to help you if you get stuck.
|
Do you know how it happend??? or is it just that you can't log in any more?
Anyway... search google for toms root boot, it's great and It's only 1.5 MB (if fits in a floppy) From there you can change it... You just have to log in with the floppy, then mount your / partition, the chroot there and passwd root. I've done it a dozen times... thus I learnt that a secure password should be easy to remember for me... |
Re: someone changed my root password. what do i do?
Quote:
here's an informational link: http://www.cert.org/tech_tips/win-UN...ompromise.html just my two cents... |
All times are GMT -5. The time now is 10:00 PM. |