look in to var/log/messages and see any action taken in running some of
the conf programs. Use tripwire (redhat supports) so that you can
monitor the activities
sangunni
On Fri, 14 Sep 2001 [EMAIL PROTECTED] wrote:
> Dear friends.
>
> I think my server has been hacked. [Redhat 6.2]. While logged on to the server thru
>telnet, some time my password is flashed on the terminal / telnet screen or email
>address of the last mail which I send is shown in the command prompt. other wise all
>the other services are working normally [Sendmail/httpd/dns/ftp etc]. Telnet is
>allowed only for the local staff on local network. from outside only ssh,ftp,smtp,dns
>is allowed. Can u pls tell me which files/script I should check. How do I check if
>the file has been altered. date and time stamp of login, bash have not been changed.
>Pls help me come out of this problem
>
> regards
>
> -- RR
>
> _______________________________________________
> linux-india-help mailing list
> [EMAIL PROTECTED]
> https://lists.sourceforge.net/lists/listinfo/linux-india-help
>
_______________________________________________
linux-india-help mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/linux-india-help
