=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
			      UNIX GURU UNIVERSE 
			         UNIX HOT TIP
			Unix Tip 3556 - November  4, 2014
		    http://www.ugu.com/sui/ugu/show?tip.today
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
MONITORING ROOT IN THE PASSWORD FILE
One of the popularly known method of breaking into a Unix host
is by inserting a uid value 0 in the /etc/passwd file which could
be done in many ways including backdoors for later accesses .
The script below displays warning messages on the console if
such changes a detacted. Simply place the script in the crontab
and run as frequent as you wish.
------------------------------CUT HERE-----------------------------------------
for id in `awk 'FS=":" {if(($3 == 0 && $1 != "root" )) print $1}' /etc/passwd`
do
cat << the_end >/dev/console
+----------------------------------------------------------------
|                                                                
|       `date "+Detacted On Date :%D Time :%r"`                  
|       Break-in ALERT! Login ID `echo ${id}` has uid 0         
|                                                             
+----------------------------------------------------------------
the_end
done
------------------------------CUT HERE-----------------------------------------
--------------------------------------------------------------------------
To Subscribe:    http://www.ugu.com/sui/ugu/show?tip.subscribe
To Unsubscribe:  http://www.ugu.com/sui/ugu/show?tip.unsubscribe
To Submit A Tip: http://www.ugu.com/sui/ugu/show?tip.today
==========================================================================
DISCLAIMER: All UNIX HOT TIPS ARE OWNED BY THE UNIX GURU UNIVERSE AND ARE
NOT TO BE SOLD, PRINTED OR USED WITHOUT THE WRITTEN CONSENT OF THE UNIX 
GURU UNIVERSE. ALL TIPS ARE "USE AT YOUR OWN RISK". UGU  ADVISES THAT 
ALL TIPS BE TESTED IN A NON-PRODUCTION DEVELOPMENT ENVIRONMENT FIRST.
Unix Guru Universe - www.ugu.com - tips@ugu.com - Copyright 1994-2001
==========================================================================
Selasa, 04 November 2014
Langganan:
Posting Komentar (Atom)

 










 
 Postingan
Postingan
 
 

Tidak ada komentar:
Posting Komentar