Hi Thanks a lot for all of your answers ...
>>There's a good possibility that while using telnet instead of ssh that >>your root password has been sniffed and the box has been compromised. >>You may want to consider using an intrusion detection system such as >>Tripwire to be able to monitor file changes, and never ever use telnet >>anywhere except on a protected lan. Do you have any way of verifying the >>system integrity now? This is not our sever.. It is one of our clinet's...We have asked several times but he will use *telnet*... I have nothing to verify - but just came to know that from the client's side somebody was trying to change the /etc/passwd file and after that it started behaving like this...I myself is not too experienced in the Sysadmin area...so need help.. If you all can advice me what to check and where, it will be helpful... I am already compamring though with the files like sudo, su with our existing server , which has same type of configuration.... Thanks again. -Swapna __________________________________ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com _______________________________________________ Linux-users mailing list [EMAIL PROTECTED] Unsubscribe/Suspend/Etc -> http://www.linux-sxs.org/mailman/listinfo/linux-users