<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=iso-8859-1">
<META content="MSHTML 6.00.5730.11" name=GENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=#ffffff>
<DIV><FONT face=Arial size=2>There have been a number of answers provided.
The one that was given to me when I encountered this same problem was to boot a
live CD, mount the root file system and delete the password file which would
force your normal distro boot to request a new root password next
time.</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>HOWEVER, the big deal here is that the most likely
cause is the server being hacked. I got hacked a few months ago.
Step 1 was log in as root. Step 2 was change the root password. Step
3 was replace a few key executables like ps so I couldn't do administrative
tasks. Step 4 was launch a denial of service attack against someone.
That is when I discovered the problem, because it ate up all my DSL
bandwidth.</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>The problem is that you don't know exactly what
files have been changed and if they have left a trap door or something.
You could fix the root password, and even discover and restore a few key files,
only to find it hacked 5 minutes later because you didn't know everything that
had been altered. For that reason, few people will put a system back on
line after the root password has been compromised. Re-installation is the
only safe way. If some of your directories like /home and /user have
separate mount points, they don't have to get wiped out in the
process.</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>Wilton</FONT></DIV>
<DIV> </DIV></BODY></HTML>