hexfusion
asked on
repquota -uga Results *Hacked?
RH 7.3
Ensim 3.1
I might be way off here but I noticed something today when I was vailidating my quotas. A few users in the quota area are not in my group or passwd files see below. I have listed what I feel are possibly groups made by my system being hacked?
The only reason I say is the obvious #666 and in my group file these do not exist
***************repquota -uga
Block limits File limits
Group used soft hard grace used soft hard grace
--------------------------
#502 -- 868 0 0 158 0 0
#575 -- 36 0 0 11 0 0
#666 -- 1048 0 0 257 0 0
#80 -- 116 0 0 29 0 0
#96 -- 48 0 0 12 0 0
#526 -- 212 0 0 53 0 0
Any Ideas on whay this could be and how I would remove them?
Ensim 3.1
I might be way off here but I noticed something today when I was vailidating my quotas. A few users in the quota area are not in my group or passwd files see below. I have listed what I feel are possibly groups made by my system being hacked?
The only reason I say is the obvious #666 and in my group file these do not exist
***************repquota -uga
Block limits File limits
Group used soft hard grace used soft hard grace
--------------------------
#502 -- 868 0 0 158 0 0
#575 -- 36 0 0 11 0 0
#666 -- 1048 0 0 257 0 0
#80 -- 116 0 0 29 0 0
#96 -- 48 0 0 12 0 0
#526 -- 212 0 0 53 0 0
Any Ideas on whay this could be and how I would remove them?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Sorry. please correct my command replacing all occurences of uid by gid.
Misread your question.
You should find files.
Sorry again.
Misread your question.
You should find files.
Sorry again.
ASKER