On Sat, Mar 05, 2005 at 05:26:24PM -0700, Mike Melanson wrote > Walter Dnes wrote: > > Am I compromised, or does Gentoo go around creating a bunch of users > >just for the hell of it? here's a bunch of users I don't understand > > No, this is all pretty standard. Plus, the fact that the shells are > all /bin/false makes it impossible to log in as those user and get > an interactive shell. For added peace of mind, check your /etc/shadow > directory, where the actual passwords are kept. The passwords fields > are '*' or '!' which are impossible to hash to using the password > hashing algorithm. That makes it doubly impossible to ever log in > as those users.
Thanks for the info. All except no-login root, "regular user" and my "development/admin user" accounts. > Hope this puts some of your fears to rest... Thanks again. lsof -i shows only sshd listening, and that's locked down (behind NAT, iptables, and inetd). I use sshd to transfer files to and from my backup machine. -- Walter Dnes <[EMAIL PROTECTED]> An infinite number of monkeys pounding away on keyboards will eventually produce a report showing that Windows is more secure, and has a lower TCO, than linux. -- [email protected] mailing list
