In article <[EMAIL PROTECTED]> you wrote: > I co-administer a system with ~ 250 users, a significant part of them I > don't know very well personally, and really, I don't rule out some of > them might try to do some cracking, of, more likely, has such a shoddy > password policy or infected windows system that their account will be > used to. > > Should I now reinstall these systems daily?
Well, the problem is of course root compromise. However, on such a system, break-ins are very likely and you better do checks regularly. This is to protect your users. > In both my case, and the thread starter's case, a normal user account > might or was definitely in the hands of someone malicious. In both > cases, no evidence whatsoever was there that there was even an attempt > at becoming root. Then a re-install might not be needed. At least if you can explain how the user account could have been compromised. Bernd -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
