Your Ad Here

Sabtu, 03 November 2012

Unix Tip: MONITORING ROOT IN THE PASSWORD FILE

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

UNIX GURU UNIVERSE
UNIX HOT TIP

Unix Tip 3556 - November 3, 2012

http://www.ugu.com/sui/ugu/show?tip.today

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=


MONITORING ROOT IN THE PASSWORD FILE

One of the popularly known method of breaking into a Unix host
is by inserting a uid value 0 in the /etc/passwd file which could
be done in many ways including backdoors for later accesses .

The script below displays warning messages on the console if
such changes a detacted. Simply place the script in the crontab
and run as frequent as you wish.

------------------------------CUT HERE-----------------------------------------

for id in `awk 'FS=":" {if(($3 == 0 && $1 != "root" )) print $1}' /etc/passwd`
do
cat << the_end >/dev/console

+----------------------------------------------------------------
|
| `date "+Detacted On Date :%D Time :%r"`
| Break-in ALERT! Login ID `echo ${id}` has uid 0
|
+----------------------------------------------------------------

the_end
done
------------------------------CUT HERE-----------------------------------------




--------------------------------------------------------------------------
To Subscribe: http://www.ugu.com/sui/ugu/show?tip.subscribe
To Unsubscribe: http://www.ugu.com/sui/ugu/show?tip.unsubscribe
To Submit A Tip: http://www.ugu.com/sui/ugu/show?tip.today

==========================================================================
DISCLAIMER: All UNIX HOT TIPS ARE OWNED BY THE UNIX GURU UNIVERSE AND ARE
NOT TO BE SOLD, PRINTED OR USED WITHOUT THE WRITTEN CONSENT OF THE UNIX
GURU UNIVERSE. ALL TIPS ARE "USE AT YOUR OWN RISK". UGU ADVISES THAT
ALL TIPS BE TESTED IN A NON-PRODUCTION DEVELOPMENT ENVIRONMENT FIRST.

Unix Guru Universe - www.ugu.com - tips@ugu.com - Copyright 1994-2001
==========================================================================

Tidak ada komentar:

Posting Komentar

Your Ad Here
Free Automatic Backlink Free Auto Backlink Free Auto Backlink Free Auto Backlink Free Auto Backlink Free Auto Backlink Free Auto Backlink Free Auto Backlink Free Auto Backlink Free Auto Backlink