- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- Re: trying to create a backdoor super user account
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО12-18-2007 08:34 AM
тАО12-18-2007 08:34 AM
incase the root password get reset or the root file system gets full. Pls send details
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО12-18-2007 08:45 AM
тАО12-18-2007 08:45 AM
SolutionSet up any user with a user id of 0 will probably do what you want, although it must be emphasized that it is not recommended and goes against the grain having a security policy.
To do this copy the first line of /etc/passwd to the next line and change the user name. Even the password stays the same.
There are other ways to do what you want other than have another root back door.
Mike
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО12-18-2007 08:50 AM
тАО12-18-2007 08:50 AM
Re: trying to create a backdoor super user account
How should this happen?
This could be done by root - just like many, many other bad things. You cannot prevent all unless you are very, very carefully when you are root.
You may consider to use sudo to prepare some commands for emergency ...
Hope this helps!
Regards
Torsten.
__________________________________________________
There are only 10 types of people in the world -
those who understand binary, and those who don't.
__________________________________________________
No support by private messages. Please ask the forum!
If you feel this was helpful please click the KUDOS! thumb below!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО12-18-2007 09:00 AM
тАО12-18-2007 09:00 AM
Re: trying to create a backdoor super user account
I tend to think like Torsten...
So I use sudo (an alias in .kshrc for sudo ksh...) without passwd (because the day you will need it urgently being stressed you may not want the people behind you seeing you passwd...
And give yourself sam privileges (especially shutdown/reboot the box...)
All the best
Victor
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО12-18-2007 09:03 AM
тАО12-18-2007 09:03 AM
Re: trying to create a backdoor super user account
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО12-18-2007 09:10 AM
тАО12-18-2007 09:10 AM
Re: trying to create a backdoor super user account
If you wanted an example, my method involved invoking passwd editor.
# vipw
This brings up the passwd file. Copy the first line which contains root as the user with the yy, use the p command to insert below. Change the username 'root' to your own choice. (use vi commands to change this) and then save it. (ESC : wq!). You should now have a copy of the root user.
Mike.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО12-18-2007 09:23 AM
тАО12-18-2007 09:23 AM
Re: trying to create a backdoor super user account
e.g. with me (vbe)
vbe ALL=(ALL) NOPASSWD: ALL
To edit use visudo (/usr/local/sbin/visudo but depends on what version you are using...)
in .kshrc:
alias 1mking='/usr/local/bin/sudo ksh'
Be sure to have put in your .profile:
export ENV=$HOME/.kshrc
For sam priviledges:
as root call sam -r
select your account
Give yourself all priviledges
save!
All the best
Victor
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО12-18-2007 09:27 AM
тАО12-18-2007 09:27 AM
Re: trying to create a backdoor super user account
I would think nowadays your best bet is to get the latest version of sudo, preferably in depot form from http://hpux.cs.utah.edu .
That way you can configure exactly what users can do specific things. Pretty slick.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО12-18-2007 08:12 PM
тАО12-18-2007 08:12 PM
Re: trying to create a backdoor super user account
The 'backdoor' (duplicate root user) will be useless. The system doesn't care what your login name is -- root, rooty, secret9 -- the UID=0 user names (including root) will not be allowed to login just like any other user.
Note that one of the first attacks that a hacker will try on your system is to change an ordinary (and existing) user to UID=0. That way, this user still logs in without knowing about the compromise and the hacker has root access. This situation is easily detected with the command:
logins -d
So a duplicate UID=0 account doesn't help. The root password can only be changed by a root user so the fix is to eliminate sharing the root password. Change the password and then never login as root unless absolutely necessary. Contractors and system operators are forbidden to have the password. Delegate root responsibilities with restricted SAM or the better solution, download sudo from HP.
The root filesystem can only be filled by root mistakes. The first is leaving root's home in /. Move root's home to /home/root and remove all the junk files from /. The / directory should have no files at all.
The best security is to use /etc/securetty and allow root login ONLY from the console.
Bill Hassell, sysadmin
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО12-18-2007 08:56 PM
тАО12-18-2007 08:56 PM
Re: trying to create a backdoor super user account
I agree with Bill. You should go for sudo.
Opening backdoors is not wise decision for any reasons. You should find the root cause of the problems that you have mentioned. These do not happen just like that. These are causes of exceptional conditions that you should be able to locate.
good luck!
kind regards
yogeeraj