Access granted even on root password change

Chuck Swiger cswiger at mac.com
Tue Jun 14 20:57:15 GMT 2005


Vinicius Pavanelli Vianna wrote:
> How could I afford that i can get always access to my remote server even
> in the case of a breakin by some script kiddie/hack? I thought about
> setting a key in ssh so i can log using it even the root password is
> changed, but this is simple to stop and it's not good to assume lack of
> knowledge of others ;)
> Anyone knows a good backup access system, like a rootkit for FreeBSD?

Enable another uid-0 account, such as the one called toor?  Setup sudo access 
for some other account which can run passwd or a shell as root, gaining 
superuser perms via the account password?

Note that having someone untrusted gain superuser access to a machine should be 
cause for backing up the system and reinstalling from scratch or restoring from 
a known-OK backup....

-- 
-Chuck



More information about the freebsd-questions mailing list