begin quoting Neil Schneider as of Fri, Jan 28, 2005 at 05:08:07PM -0800: > > Log in as root, and do "history | less". How much of that information > would you like to have known by the next person logging in as root? In > the case of a hacked box, if .bash_history exists there can be a lot > of information that makes it easier to further compromise the system.
Of course, any intruder worth their salt would make sure they left a misleading command-history in /root/.bash_history... It is useful, sometimes, in catching junior administrators in lies. -Stewart "Caught someone covering up their accidents that way once" Stremler -- KPLUG-List mailing list [email protected] http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
