- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- HP-UX hacking program
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Forums
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-04-2011 08:32 AM
02-04-2011 08:32 AM
Re: HP-UX hacking program
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-04-2011 08:38 AM
02-04-2011 08:38 AM
Re: HP-UX hacking program
No, that's why the program has setuid root< -rwsr-xr-x.
Once you remove that permission, "su -" will ask you for root's password.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-04-2011 08:41 AM
02-04-2011 08:41 AM
Re: HP-UX hacking program
# ll /usr/bin/su
-r-sr-x--- 1 root suers 51872 Aug 3 2005 /usr/bin/su
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-04-2011 09:32 AM
02-04-2011 09:32 AM
Re: HP-UX hacking program
Use swverify: swverify "*"
Of course if "swverify -F '*'" was used right after the file were modified, you could no longer check it that way. You could look for the swmodify.log for the past year.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-04-2011 09:51 AM
02-04-2011 09:51 AM
Re: HP-UX hacking program
So the program is located in /sbin. This means that a root user created this program sometime in the past (unless the permissions on /usr and /usr/sbin have been hacked - should be 755). This is often called a backdoor program and may have been a novice sysadmin's attempt to survive a root password problem. You might want to consider installing/using sudo and not give out the root password to anyone.
Bill Hassell, sysadmin
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-04-2011 10:17 AM
02-04-2011 10:17 AM
Re: HP-UX hacking program
- « Previous
-
- 1
- 2
- Next »