[ale] Hacked? Curious lack of home dir

Jim Lynch jwl at sgi.com
Wed Jan 27 07:44:35 EST 1999


David Dagon wrote:
> 
> Hi,
> 
>    A friend running a Linux box has an urgent, and puzzling, problem.
> 
>    Accounts have been set up for various users.  Logs indicate normal
> usage.  Then, all of a sudden,
> no user is able to log in.  "No directory /home/<USER>!" is the only
> message, when in fact there
> exists such a directory.  In addition, when root attempts to remove the
> user and add the user
> all over again, the same message appears.
> 
>    In short, only root can log in from the console (remote root login is
> of course not permitted).
> 
> Any ideas?  I'm thinking chmod problems?  Has anyone seen this before?
> 
> His box was hacked a few weeks ago, and I'm concerned this is a
> lingering backdoor exploit.
> 
> Regards,
> 
> David Dagon
> david.dagon at mindspring.com
> =======================================================
> 
>  telnet <IP>
> Trying <IP>
> Connected to <IP>
> Escape character is '^]'.
> 
> Red Hat Linux release 5.1 (Manhattan)
> Kernel 2.2.0-pre7 on an i586
> login: dagon
> Password:
> Last login: Tue Jan 26 22:06:43 from <ANOTHER IP>
> 
> Welcome to the humble server
> 
>         If you are new, you can find out more about linux by typing
> "more readme".
> 
> No directory /home/dagon!
> Connection closed by foreign host.
Check permissions and owners on the directories.  ls -lad /home ; ls -la
/home

/home should be owned by root.  the directories in /home should be owned
by the users.  /home should have 755 and the directories in /home should
be at least 700.

Jim.  
-- 
To see my .signature file, go to http://reality.sgi.com/jwl






More information about the Ale mailing list