Re: securing system after giving away root password

From: Christopher Kerr (gingekerr_at_gmail.com)
Date: 09/23/05 

Date: Thu, 22 Sep 2005 23:24:41 +0100

Tuncay Sari wrote:

> Hello,
>
> I signed an agreement with a provider in Germany for server housing. After
> sending my Fedora Core 4 system to them, they claim now that they expected
> a tower instead of a 2HE server. And thus they need to change the IP
> address they say...(as a matter of fact I never told them it would be a
> tower, I just oversaw to check the option in the agreement...they ought to
> have asked me if I was going to send a tower or a 2HE machine...)
>
> Problem is following: I had to tell them my root password to have some
> network settings changed. After those settings I'll be able to connect via
> ssh.
>
> How can I check that they ONLY changed some network files? How can I know
> they didn't install any software infringing linux security? Or copied my
> programs?
>
> Of course I'll have a detailed look at any entries in /var/log. But what
> else can I do?
>
> thank in advance,
>
> T. Sari

The chances are, they won't have done anything - and if they had, as the
other posters have said, you wouldn't be able to tell unless they were
unprofessional. Apart from perhaps some simple checks to see if they have
botched a hack, do the following:
change the password (two simple reasons -
        1. In case they are tempted to crack you later
        2. In case someone hacks their mailserver and reads the e-mail with the
password )

encrypt sensitive data so that they are unable to access it using their
physical presence.