Magento styles.css file changed ? Compromised ?

Hi Experts,

I got a complain that the Magento css has changed, and please check below what I have seen from the changed file. It's seems like we didn't had a release on anything planned for March 3rd. Or we are not sure some has did change using the Magento admin panel.

-rw-rw-r-- 1 1000 www-data 108090 2013-03-03 10:04 styles.css

I'm not sure who is 1000 ?

Can you please help me to investigate about this.

Thanks a lot for your time !
Shakthi777Asked:
Who is Participating?
 
btanConnect With a Mentor Exec ConsultantCommented:
Likewise this has more info on checking the file permission abuses if any ...see the file Files and File system Security section. Likwise another useful sheet is the second link

http://www.ibiblio.org/pub/linux/docs/howto/other-formats/html_single/Security-HOWTO.html

http://www.sans.org/score/checklists/ID_Linux.pdf
This sheet is split into these sections:
• Unusual Processes and Services
• Unusual Files
• Unusual Network Usage
• Unusual Scheduled Tasks
• Unusual Accounts
• Unusual Log Entries
• Other Unusual Items
• Additional Supporting Tools
0
 
btanConnect With a Mentor Exec ConsultantCommented:
I assume you also know this for ls command
2nd column is --> Number of links
3rd Column is --> File/directory owner
4th Column is --> File/directory group

Quick check is also etc user on such '1000' user, and check on system trails and symptoms available for breaches and login at pt of changes or creation of file

See this to help in check
http://wiki.metawerx.net/wiki/LBSA
0
 
Shakthi777Author Commented:
tnx !
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.