Amahi Forums

The Amahi Home Server Forums
https://forums.amahi.org/

Odd find in authentication log

https://forums.amahi.org/viewtopic.php?f=8&t=3620

Page 1 of 1

Odd find in authentication log

Posted: Sat Dec 31, 2011 5:48 am
by izzyknight86
Hey there!

Found this in my logwatch report. Checked out /var/log/secure and found these two entries I personally didn't do:

Dec 30 21:02:30 localhost usermod[30054]: add 'apache' to group 'users'
Dec 30 21:02:30 localhost usermod[30054]: add 'apache' to shadow group 'users'

Has my Amahi box been compromised? Thanks for your help!

Re: Odd find in authentication log

Posted: Sat Dec 31, 2011 7:17 am
by bigfoot65
I would say no it has not been compromised. I am unsure why that log entry showed up, but seriously doubt someone accessed your box and did it.
All times are UTC-07:00
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Limited
https://www.phpbb.com/