From owner-freebsd-questions@FreeBSD.ORG Wed Mar 2 12:28:25 2005 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D8CDC16A4CE for ; Wed, 2 Mar 2005 12:28:25 +0000 (GMT) Received: from rproxy.gmail.com (rproxy.gmail.com [64.233.170.195]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3F6B143D1D for ; Wed, 2 Mar 2005 12:28:25 +0000 (GMT) (envelope-from tomasq@gmail.com) Received: by rproxy.gmail.com with SMTP id j1so111225rnf for ; Wed, 02 Mar 2005 04:28:24 -0800 (PST) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:reply-to:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:references; b=VHM33Kt2vkNhdXpoGib+N2pbwIn2CqYt/75p2yJxs+epsJobtu0ZULS/vl/7uwyin5shhzAgKjrNtpBKWAECKeAK+XkSOmgned0MgVnMS77hMknkWTFEaBd6aoLzqJwnden8Uizs5fuxF09lwXEiZ8hxeew5W8PnU9ba2OYePPE= Received: by 10.38.99.58 with SMTP id w58mr21287rnb; Wed, 02 Mar 2005 04:28:24 -0800 (PST) Received: by 10.38.66.63 with HTTP; Wed, 2 Mar 2005 04:28:24 -0800 (PST) Message-ID: <9e46c99e05030204281f48d96@mail.gmail.com> Date: Wed, 2 Mar 2005 07:28:24 -0500 From: Tomas Quintero To: freebsd-questions@freebsd.org In-Reply-To: <001d01c51ed2$a6afc630$504b4646@Fullersoffice> Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit References: <001d01c51ed2$a6afc630$504b4646@Fullersoffice> Subject: Re: Help!Help!Help! X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: Tomas Quintero List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 02 Mar 2005 12:28:26 -0000 On Tue, 01 Mar 2005 18:50:53 -0800, Replies wrote: > Hi, > > I have just spent over the last two years developing a unique classified ads service which was online and had Free BSD as the security on it. We ended up with a very aggressive and belligerent programmer who left us but left us some nasty little bugs behind to really screw us up.. who we now can't find. > > I need to know how to change or eliminate a root password. > > As I still have our "test server" in my possession is there any way to actually remove the folder that the passwords are held in.....the reason I ask this is that when we actually changed the password on our "production server" it released some sort of worm that totally crashed and eliminated our online site, and all our data we have spent two years developing. It also started trying to access other sites which we only found out about this when our site crashed and we got compalints our from our ISP that our server was trying to agressively access other servers out there on the net. > > The Only saving grace is that we had it all backed up on our test server but it has the same problem...I expect...I believe that he has probably left us the same worm in our test server....the unfortunate thing is that because we do not know the root password we are worried that if we try to crack or eliminate it the same thing may happen...and then we are automatically out of business. > > Is there any way around this....I can prove I am the owner of the site...the URL and the server and any other information you may need if necessary.... > > I really need help as this is 2/12 years work as it stands gone. > > Thanks > God Bless > Freddy You may also consider ghosting/copying your test server drive to your now ruined production server drive (or any other available drive), incase during your tinkering this "worm" is once again launched and trashes your only working copy. Changing a root password physically is quite easy as well, and as Chris said, it is located on the FreeBSD site in the handbook. -Tomas Quintero www.orcagamecenters.com