It is impossible to comment based on the information provided by you,
Secondly, It might be handiwork of local staff also, because it impossible
to read the /etc/passwd file and decode your password.
Some script might be trapping your password.
Regards,
Mukund Deshmukh
Beta Computronics Pvt. Ltd.
Web site - http://betacomp.com
>Dear friends.
>
>I think my server has been hacked. [Redhat 6.2]. While logged on to the
server thru telnet, some time my password is flashed on the terminal /
telnet screen or email address of the last mail which I send is shown in
the command prompt. other wise all the other services are working normally
[Sendmail/httpd/dns/ftp etc]. Telnet is allowed only for the local staff on
local network. from outside only ssh,ftp,smtp,dns is allowed. Can u pls
tell me which files/script I should check. How do I check if the file has
been altered. date and time stamp of login, bash have not been changed. Pls
help me come out of this problem
>
>regards
>
>-- RR
>
>_______________________________________________
>linux-india-help mailing list
>[EMAIL PROTECTED]
>https://lists.sourceforge.net/lists/listinfo/linux-india-help
>
_______________________________________________
linux-india-help mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/linux-india-help
