You can try these commands: This should find all files modified within x days: find / -mtime x -print This should find all files changed (perms, owner, ...) within x days: find / -ctime x -print This should find all files accessed within x days: find / -atime x -print
Hope this helps. Luigi McMinn ----- Original Message ----- From: "Matthew Sallee" <[EMAIL PROTECTED]> To: "security-basics" <[EMAIL PROTECTED]> Sent: Monday, June 16, 2003 4:01 PM Subject: redhat audit > recently my redhat box was compromised and i'm auditing changes that were made > (i didn't notice for several days). > > i've been trying to create a command that will allow me view all the files > modified in the last x number of days. > > i've tried piping ls to grep with minimal success. any help is greatly > appreciated... > > matt > > > > -------------------------------------------------------------------------- - > Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts! > The Gartner Group just put Neoteris in the top of its Magic Quadrant, > while InStat has confirmed Neoteris as the leader in marketshare. > > Find out why, and see how you can get plug-n-play secure remote access in > about an hour, with no client, server changes, or ongoing maintenance. > > Visit us at: http://www.neoteris.com/promos/sf-6-9.htm > -------------------------------------------------------------------------- -- > --------------------------------------------------------------------------- Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts! The Gartner Group just put Neoteris in the top of its Magic Quadrant, while InStat has confirmed Neoteris as the leader in marketshare. Find out why, and see how you can get plug-n-play secure remote access in about an hour, with no client, server changes, or ongoing maintenance. Visit us at: http://www.neoteris.com/promos/sf-6-9.htm ----------------------------------------------------------------------------
