hello everybody,
a few months ago i installed sparky 5.1 for an end user.
i forgot to set the root password, so it has been empty for months. :o
i am wondering, what would happen when the root password has been empty.
the user has been using "sudo" instead of "su" command.
after realizing this, i just set the root password yesterday.
how do i know if the system has not been hacked, or root account been compromised, or something like that ?
thanks before.
I guess you're wondering if any malicious code could have been installed, right?
Quote from: nubipengen on December 18, 2017, 11:12:13 AM
how do i know if the system has not been hacked, or root account been compromised, or something like that ?
Take a look into this:
https://community.spiceworks.com/topic/119640-online-virus-scanner-compatible-with-linux
If a client or you need so, I recommend this paid anti-virus as a long term solution to scan windows files and usb sticks against malware:
https://www.eset.com/int/home/antivirus-linux/
thank you, sir.
but my concern is more about security breach by hackers. isn't it possible, when the root password is empty ?
i am wondering how i find out if such things already happened.
Quote from: nubipengen on December 18, 2017, 02:20:32 PM
but my concern is more about security breach by hackers. isn't it possible, when the root password is empty ?
Yes is possible, but the user need to interact somehow with it, that's why running an outside anti-virus is the key to look for malicious code into the installation.
One must not only have the password blank, must also have access to some open port or make the user run any software.
@nubipengen, no need to worry. With all probability nothing has happened. Did a simple Google for you, read, check, learn and explore your system. ;)
https://www.google.no/search?q=how+to+check+if+the+linux+system+has+been+hacked&ie=utf-8&oe=utf-8&client=firefox-b&gfe_rd=cr&dcr=0&ei=MiA4Wq-FNai5ygWS16jYDQ
thank you everybody for your insights. :)