Suddenly I'm seeing a few 33 character encrypted passwords showing up in my /etc/shadow files on several Linux machines. And on at least one of them, some of us whose entries have inexplicably changed from 13 characters to 34 characters can no longer ssh in. First, has anyone heard of any kind of rootkit or other intrusion that has this symptom? Second, what's the easiest way to get a known good md5sum of a linux distribution binary like /usr/sbin/passwd? Solaris has a nice web site that will accept an md5sum and spit out the binary that matches it. Any quick and easy way to do the same for various redhat distributions? Thanks, Mike ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Fri Jun 28 2002 - 08:47:22 PDT