Greetings to all Linux users who are as patient and stubborn as I am... I'm asking for advice: how can I detect and prevent interference with my system over the Internet?
I understand that Linux is a networked system... but that is exactly where the vulnerability of my Alt SPT 7.0.5 shows up. As soon as I go online, about 30 minutes later someone changes my root and user passwords. Which log, and which entry in it, will show this? How can I prevent it? (I know the best way: don't go online.)
P.S. I haven't been here for a very long time... but I looked at the messages posted since my last visit, and only today's and yesterday's are there... Is that really so, or is something wrong here?
Here is an excerpt from the security log for the period of the last password change:
Apr 19 22:56:10 kali login[2788]: pam_tcb(login:auth): Bad username
Apr 19 22:56:10 kali login[2788]: pam_tcb(login:auth): Authentication failed for UNKNOWN USER from LOGIN(uid=0)
Apr 19 23:11:50 kali kdm: :0[2609]: pam_tcb(kde4:auth): Authentication passed for swintogor from (uid=0)
Apr 19 23:11:50 kali kdm: :0[2609]: pam_tcb(kde4:session): Session opened for swintogor by (uid=0)
Apr 19 23:18:02 kali consolehelper[3439]: pam_tcb(packageinstall:auth): Authentication passed for root from swintogor(uid=500)
Apr 19 23:36:46 kali consolehelper[4204]: pam_tcb(synaptic:auth): Authentication passed for root from swintogor(uid=500)
Apr 19 23:38:59 kali kdm: :0[2609]: pam_tcb(kde4:session): Session closed for swintogor
Apr 19 23:39:08 kali kdm: :0[4412]: pam_tcb(kde4:auth): Authentication passed for swintogor from (uid=0)
Apr 19 23:39:08 kali kdm: :0[4412]: pam_tcb(kde4:session): Session opened for swintogor by (uid=0)
Apr 19 23:39:59 kali kdm: :0[4412]: pam_tcb(kde4:session): Session closed for swintogor
Apr 19 23:40:46 kali kdm: :0[2626]: pam_tcb(kde4:auth): Authentication passed for swintogor from (uid=0)
Apr 19 23:40:46 kali kdm: :0[2626]: pam_tcb(kde4:session): Session opened for swintogor by (uid=0)
Apr 19 23:45:07 kali consolehelper[3438]: pam_tcb(synaptic:auth): Authentication passed for root from swintogor(uid=500)
Apr 19 23:54:35 kali groupadd[5800]: group added to /etc/group: name=hsqldb, GID=446
Apr 19 23:54:35 kali groupadd[5800]: group added to /etc/gshadow: name=hsqldb
Apr 19 23:54:35 kali groupadd[5800]: new group: name=hsqldb, GID=446
Apr 19 23:54:35 kali useradd[5804]: new user: name=hsqldb, UID=474, GID=446, home=/var/lib/hsqldb, shell=/sbin/nologin
Apr 19 23:54:35 kali groupadd[5831]: group added to /etc/group: name=jetty, GID=445
Apr 19 23:54:35 kali groupadd[5831]: group added to /etc/gshadow: name=jetty
Apr 19 23:54:35 kali groupadd[5831]: new group: name=jetty, GID=445
Apr 19 23:54:35 kali useradd[5836]: new user: name=jetty, UID=473, GID=445, home=/usr/share/jetty, shell=/bin/sh
Apr 20 00:09:18 kali consolehelper[10597]: pam_tcb(acc:auth): Authentication failed for root from swintogor(uid=500)
Apr 20 00:09:33 kali consolehelper[10602]: pam_tcb(acc:auth): Authentication failed for root from swintogor(uid=500)
Apr 20 00:10:00 kali consolehelper[10606]: pam_tcb(acc:auth): Authentication failed for root from swintogor(uid=500)
Apr 20 00:11:02 kali polkit-agent-helper-1[10900]: pam_tcb(polkit-1:auth): Authentication failed for swintogor from swintogor(uid=500)
Apr 20 00:11:39 kali polkit-agent-helper-1[10904]: pam_tcb(polkit-1:auth): Authentication failed for swintogor from swintogor(uid=500)
Apr 20 00:11:51 kali polkit-agent-helper-1[10909]: pam_tcb(polkit-1:auth): Authentication failed for swintogor from swintogor(uid=500)
Apr 20 00:12:31 kali polkit-agent-helper-1[10923]: pam_tcb(polkit-1:auth): Authentication failed for swintogor from swintogor(uid=500)
Apr 20 00:12:43 kali polkit-agent-helper-1[10927]: pam_tcb(polkit-1:auth): Authentication failed for swintogor from swintogor(uid=500)
Apr 20 00:13:34 kali consolehelper[10934]: pam_tcb(acc:auth): Authentication failed for root from swintogor(uid=500)
Apr 20 00:13:44 kali consolehelper[10938]: pam_tcb(acc:auth): Authentication failed for root from swintogor(uid=500)
Apr 20 00:13:52 kali consolehelper[10942]: pam_tcb(acc:auth): Authentication failed for root from swintogor(uid=500)
Apr 20 00:14:09 kali consolehelper[10946]: pam_tcb(acc:auth): Authentication failed for root from swintogor(uid=500)
Apr 20 00:14:33 kali consolehelper[10950]: pam_tcb(acc:auth): Authentication failed for root from swintogor(uid=500)
Apr 20 00:35:25 kali sudo[13442]: pam_tcb(sudo:auth): Authentication failed for swintogor from swintogor(uid=0)
Apr 20 00:35:30 kali sudo[13442]: pam_tcb(sudo:auth): Authentication failed for swintogor from swintogor(uid=0)
Apr 20 00:35:32 kali sudo[13442]: swintogor : 1 incorrect password attempt ; TTY=pts/1 ; PWD=/home/swintogor ; USER=root ; COMMAND=re
Apr 20 00:35:44 kali su[13447]: pam_tcb(su:auth): Authentication failed for root from swintogor(uid=500)
Apr 20 00:36:30 kali kdm: :0[2626]: pam_tcb(kde4:session): Session closed for swintogor
Apr 20 00:43:21 kali kdm: :0[2627]: pam_tcb(kde4:auth): Authentication failed for swintogor from (uid=0)
Apr 20 00:43:50 kali login[717]: pam_tcb(login:auth): Bad username
Apr 20 00:43:50 kali login[717]: pam_tcb(login:auth): Authentication failed for UNKNOWN USER from LOGIN(uid=0)
Apr 20 00:43:51 kali login[717]: pam_tcb(login:auth): Bad username
Apr 20 00:43:51 kali login[717]: pam_tcb(login:auth): Authentication failed for UNKNOWN USER from LOGIN(uid=0)
Apr 20 00:43:54 kali login[717]: pam_tcb(login:auth): Bad username
Apr 20 00:43:54 kali login[717]: pam_tcb(login:auth): Authentication failed for UNKNOWN USER from LOGIN(uid=0)
Apr 20 00:45:50 kali polkitd[781]: Loading rules from directory /etc/polkit-1/rules.d
Apr 20 00:45:50 kali polkitd[781]: Loading rules from directory /usr/share/polkit-1/rules.d
Apr 20 00:45:50 kali polkitd[781]: Finished loading, compiling and executing 3 rules
Apr 20 00:45:50 kali polkitd[781]: Acquired the name org.freedesktop.PolicyKit1 on the system bus
Apr 20 00:45:56 kali kdm: :0[2643]: pam_tcb(kde4:auth): Authentication failed for swintogor from (uid=0)
As I understand it, this little wonder is what messed with me... name=jetty
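
An added example, not part of the original post: a Python script that reads lines in the syslog/pam_tcb format shown above, pairs each `new user` record with the most recent successful root authentication before it, and counts failed authentications by PAM service, target account and requester. The sample lines, the account name `example`, the 30-minute window and the assumed year are constructed for illustration.

```python
import re
from collections import Counter
from datetime import datetime, timedelta

# Constructed sample in the same syslog/pam_tcb format as the log in the post.
SAMPLE = """\
Apr 19 23:45:07 kali consolehelper[3438]: pam_tcb(synaptic:auth): Authentication passed for root from swintogor(uid=500)
Apr 19 23:54:35 kali useradd[5836]: new user: name=jetty, UID=473, GID=445, home=/usr/share/jetty, shell=/bin/sh
Apr 20 00:09:18 kali consolehelper[10597]: pam_tcb(acc:auth): Authentication failed for root from swintogor(uid=500)
Apr 20 00:09:33 kali consolehelper[10602]: pam_tcb(acc:auth): Authentication failed for root from swintogor(uid=500)
Apr 20 00:43:50 kali login[717]: pam_tcb(login:auth): Authentication failed for UNKNOWN USER from LOGIN(uid=0)
Apr 20 02:00:00 kali useradd[9999]: new user: name=example, UID=501, GID=501, home=/home/example, shell=/bin/sh
"""
LINE = re.compile(r"^(\w{3} +\d+ [\d:]{8}) \S+ (.+?)\[\d+\]: (.*)$")
AUTH = re.compile(r"pam_tcb\((\S+?):auth\): Authentication (passed|failed) "
                  r"for (.+?) from (\S*)\(uid=(\d+)\)")
NEWUSER = re.compile(r"new user: name=([^,]+), UID=(\d+),.*shell=(\S+)")

def parse(text, year=2000):
    """Yield (timestamp, kind, fields); syslog omits the year, so one is assumed."""
    for raw in text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue
        ts = datetime.strptime(f"{year} {m.group(1)}", "%Y %b %d %H:%M:%S")
        if (a := AUTH.search(m.group(3))):
            yield ts, "auth", a.groups()     # service, result, target, requester, uid
        elif (u := NEWUSER.search(m.group(3))):
            yield ts, "newuser", u.groups()  # name, uid, shell

def explain_new_accounts(text, window=timedelta(minutes=30)):
    """Map each new account to (PAM service, requester) of the latest successful
    root authentication within `window` before it, or None if there was none."""
    last_root, out = None, {}
    for ts, kind, f in parse(text):
        if kind == "auth" and f[1] == "passed" and f[2] == "root":
            last_root = (ts, f[0], f[3])
        elif kind == "newuser":
            recent = last_root and ts - last_root[0] <= window
            out[f[0]] = (last_root[1], last_root[2]) if recent else None
    return out

def failed_auth_summary(text):
    """Count failed authentications per (PAM service, target, requester)."""
    return Counter((f[0], f[2], f[3]) for _, kind, f in parse(text)
                   if kind == "auth" and f[1] == "failed")

if __name__ == "__main__":
    print(explain_new_accounts(SAMPLE), failed_auth_summary(SAMPLE).most_common())
```

An account mapped to `None` was created with no successful root authentication logged in the preceding window and is the one to look at first.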