Answer the question
In order to leave comments, you need to log in
W
W
WebforSelf2021-10-14 12:00:13
WebforSelf, 2021-10-14 12:00:13
How to find out who is logged into a debian server?
Server on debian 10, previous programmer quit, changed keys and root passwords.
Now I recently noticed that the nginx configs were edited.
How can I find out who is in? After all, the root passwords and SHH keys are not the same.
2 answer(s)
@rPman
R
rPman, 2021-10-14 @rPman
Logging into a Server with a Login is Not the Only Possible
Publicly accessible services can be vulnerable to attacks, unfortunately most (read all) companies don't think about the costs of protecting against this (and they can be very high) until it's too late.
At worst, if it was a programmer, then he could leave loopholes in the public service code, and not necessarily intentionally, just meaning some critical errors, you can use them to remotely access files and run the code.
Solution - conduct a full-fledged security audit of the company as a whole, and not just the server.
Similar questions
G
R
V
A
Andrey2021-12-11 00:07:12
How to win is not in the sudoers file. This incident will be reported?
3Reply
V
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question