HPE Community
Operating System - HP-UX
1756000 Members
2793 Online
108839 Solutions
New Discussion юеВ

Hide myself from root.

 
SOLVED
Go to solution
Chua Wen Ching
Regular Advisor

тАО10-13-2002 03:10 AM

тАО10-13-2002 03:10 AM

Hide myself from root.

In my org system, when i (a normal user) w or finger, i saw no one in the list. But when i use the command top, i can see other user's login id. Is that a background process using nohup? Is it possible to make myself hidden / invisible when the root enter w or finger in HP-UX 10.20. I had found some c scripts to make myself invisible but it cannot works in HP-UX 10.20. I want to make myself hidden without running as a root.
wenching
0 Kudos
Reply
7 REPLIES 7
harry d brown jr
Honored Contributor

тАО10-13-2002 04:55 AM

тАО10-13-2002 04:55 AM

Re: Hide myself from root.


I'm sorry, but I DON'T think it's APPROPRIATE to discuss HOW TO HACK in this forum!

live free or die
harry
Live Free or Die
0 Kudos
Reply
Chua Wen Ching
Regular Advisor

тАО10-13-2002 08:53 AM

тАО10-13-2002 08:53 AM

Re: Hide myself from root.

I not really want to learn how to hack? I just want to know as a system admin, is there such thing (make normal user account invisible using bourne shell scripting) so that i can beware in future. How about some references? Does bourne shell had the capabilities or not? Anyway i would like to apologize for asking this question here.
wenching
0 Kudos
Reply
Christian Gebhardt
Honored Contributor

тАО10-13-2002 09:59 PM

тАО10-13-2002 09:59 PM

Solution

Re: Hide myself from root.

Without details:

It is possible to hide something, "samhain" is a program using such mechanism.If it not necessary for security for system administration task it causes problems if more administrators work on the machines and it is not well documented.
Chris
Reply
Paula J Frazer-Campbell
Honored Contributor

тАО10-14-2002 03:20 AM

тАО10-14-2002 03:20 AM

Re: Hide myself from root.

Hi

Seeing a process in the process list owned by a user does not mean that that user is logged in.

A nohup & will show this also any running process designed to loop or call other processes will also show in the ps list.

Yes it is possible to hide from roots use of who as this info is stored in wtmp and can be modified.

Ownerships can be changed so that even in the ps list a user will not be seen.

Security is about closing down loopholes, giving your users ???Just enough??? permission to carry out their job and knowing your systems.

This doc will help on security:-

http://people.hp.se/stevesk/bastion11.html

Paula
If you can spell SysAdmin then you is one - anon
Reply
Chua Wen Ching
Regular Advisor

тАО10-14-2002 03:29 AM

тАО10-14-2002 03:29 AM

Re: Hide myself from root.

Is there any sample bourne shell script or c script that allow me to hide myself (related to wtmp)? Is wtmp owned by root. If i am a normal user how am i suppose to modify or write into wtmp? I am kind of confuse. But anyway thanks for the guide to protect hp-ux.
wenching
0 Kudos
Reply
Paula J Frazer-Campbell
Honored Contributor

тАО10-14-2002 03:51 AM

тАО10-14-2002 03:51 AM

Re: Hide myself from root.

Sorry

I cannot post this sort of info on the forum as it is dangerous.

You will find that a good sysadmin has lots of links to hacker sites and watches what is going on and notes system weak areas.

To start you off try here:-

http://www.astalavista.com/archive/hacking/


Paula
If you can spell SysAdmin then you is one - anon
Reply
Chua Wen Ching
Regular Advisor

тАО10-14-2002 04:11 AM

тАО10-14-2002 04:11 AM

Re: Hide myself from root.

I think it is kind of sensitive to talk this issue here. Anyway thanks for your advise. I will bear that in mind.
wenching
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.