RE: user name from security logs

["Andrew Shore" <andrew.shore () holistecs com>]

Of course depending upon when you are (country) the ex-employee may have
a legal obligation to give you the passwords. If he has "forgotten" the
password he may be forced to remember whilst sitting in his cell. 

-----Original Message-----
From: pierpaolo giacomin [mailto:yrzto6 () gmail com] 
Sent: 31 May 2005 09:05
To: Emmanuel Goldstein
Cc: security-basics () securityfocus com
Subject: Re: user name from security logs

On Sun, 29 May 2005 22:26:42 +0200
Emmanuel Goldstein <goldstein101 () gmail com> wrote:

> Hi everybody.
>
> I've recently started to work in an Internet Cafe wich has a network
> of 10 Pc's running linux (Debian Woody). The thing is that the guy
> that was in charge of the network left without leaving the admin
> password cause he was fired, so now we can only access the computers
> with a regular user account.
>
> I have physical access to the computer and i can also access all hd's
> files using a LiveCD linux distribution.

ok, it's enough...
you have to mount / or /etc in rw and delete the x between ":" on the
root's line in /etc/passwd so you can log without password and then
change it.

root:x:0:0:root:/root:/bin/sh -> root::0:0:root:/root:/bin/sh

./pier
-- 
    "I worry about my child and the Internet all the time, even though
she's too young to have logged on yet. Here's what I worry about. I
worry that 10 or 15 years from now, she will come to me and say 'Daddy,
where were you when they took freedom of the press away from the
Internet?'"
    --Mike Godwin, Electronic Frontier Foundation