Re: last command - strange entries?
From: Saurabh Bhasin (sbhasin_at_gmail.com)
Date: 06/16/05
- Previous message: Colin Percival: "Re: FreeBSD 5.4 SMP kernels now available via FreeBSD Update"
- In reply to: Neo-Vortex: "Re: last command - strange entries?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 16 Jun 2005 08:35:34 -0700 To: Neo-Vortex <root@neo-vortex.net>
> The last command uses /var/log/wtmp and /var/log/utmp (mabe even
> /var/log/lastlog) - anyway, the point is, it uses those files to get the
> information, now, it appears as if they have become corrupt, mabe by
> userland/kernel land desynch? bad upgrade? tried a reboot?
>
> Else, can you give us more details about the system, past upgrades,
> intrusions?
Thanks for the explanation. I do understand the above and for sanity
sake did every single thing to determine if my box was broken into.
However, it turns out that the file did get corrupted (this behavior
started to appear after a system reboot which required manual fsck).
Simple re-creation of the file worked out just fine.
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
- Previous message: Colin Percival: "Re: FreeBSD 5.4 SMP kernels now available via FreeBSD Update"
- In reply to: Neo-Vortex: "Re: last command - strange entries?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
