[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ale] Hacked? Curious lack of home dir



As another recent victim of Linux hacking, I really suggest following the
advice of the experts...

Reinstall from the ground up.  Nothing else compares.

-Matt
-----Original Message-----
 From: David Dagon <david.dagon at mindspring.com>
To: ale at ale.org <ale at ale.org>
Date: Tuesday, January 26, 1999 10:50 PM
Subject: [ale] Hacked? Curious lack of home dir


>Hi,
>
>   A friend running a Linux box has an urgent, and puzzling, problem.
>
>   Accounts have been set up for various users.  Logs indicate normal
>usage.  Then, all of a sudden,
>no user is able to log in.  "No directory /home/<USER>!" is the only
>message, when in fact there
>exists such a directory.  In addition, when root attempts to remove the
>user and add the user
>all over again, the same message appears.
>
>   In short, only root can log in from the console (remote root login is
>of course not permitted).
>
>Any ideas?  I'm thinking chmod problems?  Has anyone seen this before?
>
>His box was hacked a few weeks ago, and I'm concerned this is a
>lingering backdoor exploit.
>
>Regards,
>
>David Dagon
>david.dagon at mindspring.com
>=======================================================
>
> telnet <IP>
>Trying <IP>
>Connected to <IP>
>Escape character is '^]'.
>
>Red Hat Linux release 5.1 (Manhattan)
>Kernel 2.2.0-pre7 on an i586
>login: dagon
>Password:
>Last login: Tue Jan 26 22:06:43 from <ANOTHER IP>
>
>
>
>Welcome to the humble server
>
>        If you are new, you can find out more about linux by typing
>"more readme".
>
>
>No directory /home/dagon!
>Connection closed by foreign host.
>
>
>