Results 1 to 7 of 7
  1. #1
    Join Date
    Jun 2008
    Posts
    179

    Help - Possible root compromise: User account admin is a superuser (UID 0)

    I am getting this error mail from CSF repeatedly every 10min. I just installed CSF, everything works fine. But this error mail is bothering me a lot.

    The same error i am getting is

    Possible root compromise: User account admin is a superuser (UID 0)

    Hope somebody will help me...

  2. #2
    Join Date
    Apr 2009
    Location
    whitehouse
    Posts
    656

    Arrow

    UID 0 is for the root account. Did you set up the admin account with UID 0? if not check your kernel version and see if its vulnerable and run root kits detectors after removing the admin account asap.
    James B
    EzeeloginSetup your Secure Linux SSH Gateway.
    |Manage & Administer Multiple Linux Servers Quickly & Securely.

  3. #3
    Join Date
    Jun 2008
    Posts
    179
    Quote Originally Posted by BarackObama View Post
    UID 0 is for the root account. Did you set up the admin account with UID 0? if not check your kernel version and see if its vulnerable and run root kits detectors after removing the admin account asap.
    >I don't really understand what you said, i already run chkrootkit, found nothing infected.

    >i dont' know about 'setup up admin account with UID 0'

    > How to remove admin account.

    Please let me know.

    Thank you

  4. #4
    Join Date
    Mar 2003
    Location
    California USA
    Posts
    13,294
    The user admin should not have root privileges. Did you setup the admin account? Did another admin work on the server?
    Steven Ciaburri | Industry's Best Server Management - Rack911.com
    Software Auditing - 400+ Vulnerabilities Found - Quote @ https://www.RACK911Labs.com
    Fully Managed Dedicated Servers (Las Vegas, New York City, & Amsterdam) (AS62710)
    FreeBSD & Linux Server Management, Security Auditing, Server Optimization, PCI Compliance

  5. #5
    Join Date
    Jun 2008
    Posts
    179
    Quote Originally Posted by Steven View Post
    The user admin should not have root privileges. Did you setup the admin account? Did another admin work on the server?
    no. i didn't setup any admin.. how can i delete that admin account...where can i find it?

    I dont want any 2nd user other than root... so how can i delete this admin user

  6. #6
    Join Date
    Jun 2008
    Posts
    179
    I just found the following users through

    WHM >> Security Center >> Manage Wheel Group Users

    Users are : admin, root, sshadmin, techieweb

    who are these.... what about techieweb,, can i delete admin from here?????????????

    is it safe to remove sshadmin, techiweb also ????... i didn't even know these users exist..
    Last edited by sahithp; 05-05-2011 at 12:41 AM.

  7. #7
    Join Date
    Oct 2010
    Location
    Ottawa, Ontario
    Posts
    36
    Quote Originally Posted by sahithp View Post
    I just found the following users through

    WHM >> Security Center >> Manage Wheel Group Users

    Users are : admin, root, sshadmin, techieweb

    who are these.... what about techieweb,, can i delete admin from here?????????????
    Could possibly be setup by the default os image your server provider uses....

    Google has lots of documentation on this

Similar Threads

  1. admin has a uid 0 account WHM notification
    By mixmox in forum Hosting Security and Technology
    Replies: 8
    Last Post: 10-12-2010, 12:14 PM
  2. set uid & root access
    By gotzaway in forum Hosting Security and Technology
    Replies: 8
    Last Post: 10-27-2006, 01:38 PM
  3. [hackcheck] squid has a uid 0 account
    By rrsnider in forum Hosting Security and Technology
    Replies: 8
    Last Post: 01-18-2006, 04:20 AM
  4. Possible to edit admin user password as root?
    By Tazzman in forum Hosting Security and Technology
    Replies: 2
    Last Post: 08-24-2003, 05:30 PM
  5. [hackcheck] mailq has a uid 0 account
    By andy18 in forum Hosting Security and Technology
    Replies: 3
    Last Post: 07-07-2003, 04:26 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •