Re: Possible compromise ?
From: D J Hawkey Jr (hawkeyd_at_visi.com)
Date: 01/27/04
- Previous message: Peter Pentchev: "Re: Possible compromise ?"
- In reply to: Peter Rosa: "Possible compromise ?"
- Next in thread: Peter Rosa: "Re: Possible compromise ?"
- Reply: Peter Rosa: "Re: Possible compromise ?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 27 Jan 2004 10:57:41 -0600 To: Peter Rosa <prosa@pro.sk>
On Jan 27, at 05:44 PM, Peter Rosa wrote:
>
> Hello,
>
> please, is there some way to list ALL users, who connect remotely to my
> machine ? It is our gateway, so it should be one-user machine, but if I list
> /var/log/lastlog binary file, there are some lines showing usage of ttyp0.
`man lastlog` explains that file (and others), and the "SEE ALSO" section
lists pertinent commands.
> That console I have disabled in ttys, so why there are that lines ? How
> could I make FreeBSD to show that file in readable way ?
`man last`.
> Was my machine compromised ?
Not enough info to go on. `last` just may show the last time the admin
was on tty0, disabling tty0.
Dave
--
______________________ ______________________
\__________________ \ D. J. HAWKEY JR. / __________________/
\________________/\ hawkeyd@visi.com /\________________/
http://www.visi.com/~hawkeyd/
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
- Previous message: Peter Pentchev: "Re: Possible compromise ?"
- In reply to: Peter Rosa: "Possible compromise ?"
- Next in thread: Peter Rosa: "Re: Possible compromise ?"
- Reply: Peter Rosa: "Re: Possible compromise ?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
