On Tuesday 31 August 2004 06:51 pm, Matthew Kent wrote:
> > I don't *think* anyone has broken in yet, but I can't be sure.
As root, type "last" (without the quotes). Of course good hackers will have
covered their tracks and cleaned up after themselves...
From "man last":
Last searches back through the file /var/log/wtmp (or the file desig-
nated by the -f flag) and displays a list of all users logged in (and
out) since that file was created.
> I've never done it before, but I believe there are some standard kits to
> check for signs of a rooting.
chkrootkit, http://www.chkrootkit.org/
--
Peter Pankonin, digitalcrucible
There are 10 kinds of people in the world,
those who understand binary, and those who don't.
_______________________________________________
clug-talk mailing list
[EMAIL PROTECTED]
http://clug.ca/mailman/listinfo/clug-talk_clug.ca
