Knowledge Base Home  l  Web Hosting  l  Softwares  l  WHM  l 

This message is to inform you that the account xxxxxx has user id 0 (root privs)
Category : WHM

IMPORTANT: Do not ignore this email.
This message is to inform you that the account xxxxxx has user id 0 (root privs).
This could mean that your system was compromised (OwN3D). To be safe you should
verify that your system has not been compromised.

If any one get the above message in your inbox as WHM notification, it is an indication of server compromise.

Now you may check which account has UID 0 in ssh command line

>> cat /etc/passwd | grep 0:0


in result you must seen same these line ...
root:x:0:0:root:/root:/bin/bash

admin:x:0:0:xxxxx:/home/xxxx:/bin/bash

any account more than root must be deleted to fix, in this server we have xxxxx more than root, then we remove it

2-Go to this address >> /etc
3-nano -w passwd
4-Find >> admin:x:0:0:xxxx:/home/xxxx:/bin/bash , and remove that line <<<<<<<<<<<<<<<<<<<<user dgc doesn't show in this list.
care full fore remove account , and sure that which account must be remove
5-CTRL + X
6-for save file >> press Y
7-check fix this by >> cat passwd
8-restart apache
9- Finished 

Please feel free to contact me for any further clarifications

mail me - lijoblr@gmail.com


Growing Business Circleâ„¢
Click here for more ....
      
     Category
 
Web Hosting  l   Softwares  l   WHM  l  
  Most Recent Articles

» Send the mail using the SMTP authentication through php

» This message is to inform you that the account xxxxxx has user id 0 (root privs)

» Warning: mail() [function.mail]: "sendmail_from" not set in php.ini or custom "From:" header missing in D:\INETPUB\VHOSTS

» call-time-pass-by-reference error after updating the php to php 5.4

» spamming through exim, Exim is down , /var drive is full

      Popular Articles

» Send the mail using the SMTP authentication through php

» This message is to inform you that the account xxxxxx has user id 0 (root privs)



Copyright © 2014 Adsin Technologies. All rights reserved. Powered by business adsleaf