What version of ftp are you using wu-ftpd or proftpd or the BSD ftpd?
Recently I remember that a vulnerablility was found in wu-ftpd that could
allow a remote user to gain root priviledges another was also found in
proftpd. Also remember that if you were cracked, and the user gained root
priviledges, then he could have cleared your log files of any
incriminating evidence. Try to find if there are any suid and sgid scripts
left on your machine in case the cracker left a back door also look
through your passwd file for any uid 0 accounts don't search for strings
like :0: because he can always use :000: this is really surface because a
good cracker would not use such obvious methods. to search for suid and
sgid scripts use
find / -type f \( -perm -2000 -o -perm -4000 \) -print
Noah
[EMAIL PROTECTED]
-
To unsubscribe from this list: send the line "unsubscribe linux-newbie" in
the body of a message to [EMAIL PROTECTED]
Please read the FAQ at http://www.linux-learn.org/faqs
