W
W
WebforSelf2021-10-14 12:00:13
Debian
WebforSelf, 2021-10-14 12:00:13

How to find out who is logged into a debian server?

Server on debian 10, previous programmer quit, changed keys and root passwords.
Now I recently noticed that the nginx configs were edited.
How can I find out who is in? After all, the root passwords and SHH keys are not the same.

Answer the question

In order to leave comments, you need to log in

2 answer(s)
R
Ronald McDonald, 2021-10-14
@Zoominger

last

R
rPman, 2021-10-14
@rPman

Logging into a Server with a Login is Not the Only Possible
Publicly accessible services can be vulnerable to attacks, unfortunately most (read all) companies don't think about the costs of protecting against this (and they can be very high) until it's too late.
At worst, if it was a programmer, then he could leave loopholes in the public service code, and not necessarily intentionally, just meaning some critical errors, you can use them to remotely access files and run the code.
Solution - conduct a full-fledged security audit of the company as a whole, and not just the server.

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question