Home page logo

pen-test logo Penetration Testing mailing list archives

Group permissions changed
From: sf_submit () yahoo com
Date: 28 Sep 2005 18:33:28 -0000

I posted this before on the security basics, but haven't recieved a response, and it worries me a bit, so I'm sending 
this to a few other groups in hopes that someone will have an idea about it.


Fairly recently I noticed my ftp client wouldn't list files in certain directories on my server anymore - so I ssh'd in 
(it's dedicated), and did a ls -aFl on the files, hoping to see what the problem was - here are a few of the results:

-rw-r--r-- 1 larry 503 371 2005-02-25 08:36 head.php
-rw-r--r-- 1 larry 48 873 2005-09-09 03:23 foot.php

I never set the group ids to 503 or 48, so I checked just to make sure - and no groups with those ids even exist. Is 
there an exploit/tool that causes this, and should I be worried?

I checked the processes running, and everything seems to be OK - same with any processes connecting to the internet.

I'd appreciate any comments

Audit your website security with Acunetix Web Vulnerability Scanner: 

Hackers are concentrating their efforts on attacking applications on your 
website. Up to 75% of cyber attacks are launched on shopping carts, forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are 
futile against web application hacking. Check your website for vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before hackers do! 
Download Trial at:


  By Date           By Thread  

Current thread:
  • Group permissions changed sf_submit (Sep 30)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]