isp setup?

[peitzza]

hi, i dont know if this is the right forum but here goes.

i've been telneting into my ISP on my shell account to check email etc.. my ISP is running Red Hat Linux release 5.0 (Hurricane), (whatever that means, since i dont know to much about linux). i like to mess around a little and type in possible commands, like i found "pico" for file editing and of course "pine" etc.. one time i typed "setup" (thinking i might get something like setup options for my account) and got "THEE setup screen" which has: cabaret, kbdconfig, mouseconfig, ntsysv, and timeconfig. still not sure what this was i said run cabaret and i got a screen with all these options for deleting, swaping, editing etc, the hard drive of what i guess was the server, because it was the directorys/partitions:

/
/var
/usr
/var/spool
/var/spool/mail
/home
/home/users
/var/log
/home/business
/mnt/cdrom

when i saw this i got pretty scared and very carefuly backed out to the command prompt.

Here are my questions, could a regular user like me really get in to that and screw things up big time, or if i would have hit edit or delete would it have asked for a password or something? if it is possible to screw the system should i tell my ISP about the problem or is this a regular thing?

If i've left anything out please let me know, anyway i'd really appreciate a reply... and, i'll be quite now.

thanks in advance!!!
Peter
[sig]<p>Peter Heaton<br><a href=mailto:heaton@characterlink.net>heaton@characterlink.net</a><br><a href=

http://castle.chaffee.net/~heaton>Take

it how ever you want</a><br> [/sig]

 

[AndyBo]

I'm not familiar with the setup tool you describe. However, you should not have been able to delete any of the directories you mention, as long as the server has been set up correctly.

Regarding contacting your ISP about this, I would have a think about how your ISP might respond to this. Would they view it as being a hack against their server? Or would they take the sensible view? Speaking for myself, if I was the admin of this server I would appreciate a polite note along the lines of &quot;Hi! When using my shell account the other day I found that I could run the command 'setup'. This gave me some options that worried me slightly, and I thought I'd let you know that it was available to normal shell account users. Thanks for your time, etc, etc&quot;

If you wanted to send this note from a Hotmail account under a pseudonym to protect your identity if the ISP takes a &quot;you're a hacker!&quot; attitude, I guess that would be OK [sig]<p> Andy Bold<br><a href=mailto: > </a><br><a href= > </a><br>"I've probably made most of the mistakes already, so hopefully you won't have to..." Me, most days.[/sig]

 

[gerald]

It is probably a program installed by your ISP that they can do administrative tasks with.
It will show you alot of those files and folders, but chances are good that you will not be able to actually do anything with any files or folders that you are not the owner of (or that somebody has given dumb permissions)

Chances are that it will attempt to do what you asked, but the operating system wont allow it since you are not running the program as root. (unless of course it is actually an exploit that some hacker or remarkably brilliant admin installed)

In either case, I would let them know about it.

Im sure that even though you probably cannot do any harm with it, they do not want their users to see that program. At a minimum they should take it out of the system path so that you will need to give a full pathname to execute it rather than just typing in 'setup'

Regards,
Gerald
[sig][/sig]

 

[peitzza]

thank you for the tips! [sig]<p>Peter Heaton<br><a href=mailto:heaton@characterlink.net>heaton@characterlink.net</a><br><a href=

http://castle.chaffee.net/~heaton>Take

it how ever you want</a><br> [/sig]