Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

[hackcheck] syncd has a uid 0 account

Discussion in 'General Discussion' started by SWR, Apr 6, 2003.

  1. SWR

    SWR Member

    Joined:
    Jul 22, 2002
    Messages:
    12
    Likes Received:
    0
    Trophy Points:
    151
    Location:
    USA
    ===8<==============Original message text===============
    IMPORTANT: Do not ignore this email.
    This message is to inform you that the
    account syncd has user id 0 (root privs). This could mean that
    your system was compromised (OwN3D). To be safe you should verify that your
    system has not be compromised.


    ===8<===========End of original message text===========

    I run locate syncd and come up with:
    /usr/share/man/man3/wsyncdown.3x.gz
    /usr/share/man/man5/rsyncd.conf.5.gz
    /var/spool/mail/syncd

    Seems to be something that shouldn't be.

    Have I been compromised?
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #1 SWR, Apr 6, 2003
    Last edited: Apr 6, 2003
  2. mitul

    mitul Well-Known Member

    Joined:
    Feb 8, 2003
    Messages:
    291
    Likes Received:
    0
    Trophy Points:
    166
    scan your server using chkrootkit and check for any rootkits installed.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice