Re: ".forward" in mail logs

From: richard (rmcclary@apcc.aspca.org)
Date: 11/26/02 

From: rmcclary@apcc.aspca.org (richard)
Date: 26 Nov 2002 09:30:57 -0800

Wojtek Walczak <gminick@hacker.pl> wrote in message news:<slrnau57cb.uu.gminick@hannibal.localdomain>...
> Dnia 21 Nov 2002 09:38:13 -0800, richard napisał(a):
> > logon:x:0:0::/home/logon:/bin/bash
> I haven't seen any distribution with such an account existing by default,
> and I don't believe that there's any in the wild.
> Besides it could be a source of troubles with sendmail, since there's
> a collision when two (three on your system - root, logon, operator)
> users have the same UIDs.
>
> > operator:x:0:0:operator:/root:
> operator is rather one of default account, but it never has UID==0.

Thanks! In an RH 7.x system, any chance this (and "logon") were
created as a part of the pop3 daemon set-up (from the imap package)?

Whatever, "operator" is now user 11 with a new password, "logon" is
gone, and root has a new and even uglier password.

Coincidentally, after I finished changing these things, the pop
service (but not sendmail) died. A reboot got all up and running
again.
>

> > What else might I check?
> If there's passwords for these users (logon, operator) set in /etc/shadow.
> You should change UIDs of these users to something greater than 0 and check
> if sendmail still complains.

I'm not sure how to edit a line in shadow directly. However, again,
the entry for "logon" got blown away. I am presuming the passwords
coded for "operator" (now userid 11, with a shell of /sbin/login) got
changed by the passwd command.

Anyway, now to see what else I can find today in the logs, as well as
seeing what surprises await me tomorrow and following...

Thanks!

Relevant Pages

  • RE: Threat vector of running a service using a domain account
    ... Cachedumps are for local logon password dumps. ... Lsadumps retrieve the passwords in plaintext (each char. ... Cachedump, which again, doesn't work so well against the latest versions ... Threat vector of running a service using a domain account ...
    (Security-Basics)
  • Re: Making xp login to desktop
    ... It's called "Automatic Logon". ... Microsoft Method 2: ... In the new Windows that appears select the account you wish to make the ... Have more than one administrator level account (with strong passwords). ...
    (microsoft.public.windowsxp.help_and_support)
  • Re: My solution
    ... > find out what the cause was, but I could not logon to XP ... > with any combination of passwords. ... > Administrator account that way either. ... > told me that I would just have to reformat and lose all ...
    (microsoft.public.windowsxp.security_admin)
  • My solution
    ... find out what the cause was, but I could not logon to XP ... with any combination of passwords. ... Administrator account that way either. ... told me that I would just have to reformat and lose all ...
    (microsoft.public.windowsxp.security_admin)
  • Re: ".forward" in mail logs
    ... I haven't seen any distribution with such an account existing by default, ... Besides it could be a source of troubles with sendmail, ... If there's passwords for these users (logon, ... You should change UIDs of these users to something greater than 0 and check ...
    (comp.os.linux.security)