HELP root password unknown
D'Arcy J.M. Cain
darcy at druid.uucp
Thu Nov 22 04:05:04 AEST 1990
In article <1990Nov20.094505.896 at ceres.physics.uiowa.edu> rlm at ceres writes:
>Someone (a hacker I suppose) has changed the root password on our ESIX system
>- is it possible to access the system to reset this?
Resume breathing, it can be done. Reboot from your distribution floppies.
When you see the following;
strike <ENTER> to install the ESIX System on your hard disk.
take a deep breath and press enter. It won't wipe out your system. If you
have an existing system (as you obviously do) you will see the following:
You may select a quick recovery procedure ...
...
(Strike y (quick recovery) or n (skip) followed by ENTER)
If you say yes to this a whole bunch of files will be moved to ones
called <basename>.SAV. A list will be displayed for you.
Now reboot from the fixed disk and login as root with no password. At
this point do not pass go, do not collect $200 but go straight to /etc
and remove the root password from the old shadow file and restore the
two files. Run Passwd to give root back its old password.
Now you have the task of finding the security leak and plugging it before
this happens again. A good start is the Cops program which finds a lot
of the more obvious stuff. Good luck.
--
D'Arcy J.M. Cain (darcy at druid) |
D'Arcy Cain Consulting | I support gun control.
West Hill, Ontario, Canada | Let's start with the government!
+ 416 281 6094 |
More information about the Comp.unix.sysv386
mailing list