listing all user accounts that exist on dapper server
Tony Arnold
tony.arnold at manchester.ac.uk
Thu Aug 24 14:50:56 UTC 2006
On Thu, 2006-08-24 at 09:00 -0500, Oscar Veloz wrote:
> How do I list all user accounts that exist on a dapper server, and what
> steps or what checklist do I use to check the security of a dapper
> server from a rogue admin that has left. The obvious is ssh and telnet
> access, but what other vulnerabilities might exist?
You can look at /etc/passwd to get a list of all accounts. I would also
look at /etc/sudoers to see who has sudo access. If you have a root
passwd, then change it! Check for accounts whose UID is 0 as that
account has root access. I'd also get your users to change their
passwords in case he has run a password cracking program.
Regards,
Tony.
--
Tony Arnold, IT Security Coordinator, University of Manchester,
IT Services Division, Kilburn Building, Oxford Road, Manchester M13 9PL.
T: +44 (0)161 275 6093, F: +44 (0)870 136 1004, M: +44 (0)773 330 0039
E: tony.arnold at manchester.ac.uk, H: http://www.man.ac.uk/Tony.Arnold
More information about the ubuntu-users
mailing list