The dangers of neglected scripts

Here’s the scene:  A server is faithfully humming along doing its job.  One day, you institute a password expiration policy and it forces you to change your password.  Afterward, you get the following entry in your Logwatch report every day:

 --------------------- Connections (secure-log) Begin ------------------------ 

 **Unmatched Entries**
 unix_chkpwd[16436]: password check failed for user (imbrius)
 vsftpd: pam_tally(vsftpd:auth): user imbrius (500) tally 2128, deny 3

 ---------------------- Connections (secure-log) End -------------------------

My guess is that I have a script somewhere that uses my account to automate some process over FTP.  I’d further guess that it’s one of my signature block fetchers.  I have them running on UglyDuckling, Marlene, dropship… I’ll have to check all of them.

Moral of the story – keep track of your scripts.  XD

  1. Leave a comment

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: