How systems get compromised

Cracked, stollen and sniffed passwords

john password_file         # John the Ripper
john -show password_file   # Read the cracked passwds

SSH client with a sniffer on a multi-user system:
reads user name, password and the destination host.

SSH brute force attack guesses user credentials.

Accounts with empty passwords and root privileges

awk -F: '$2 == "" { print $1, "has no password!" }' /etc/shadow 
awk -F: '$3 == 0 { print $1, "is a superuser!" }' /etc/passwd

World writable files and directories

find /dir -xdev -perm /o=w ! \(  -type d -perm /o=t \) ! -type l -print

SETUID and SETGID executables

find /dir -xdev -type f -perm /u=s,g=s -print

Trojans

Stack overflow attacks on vulnerable services

Worms