Re: Last login missing

From: Stefan Guha (safti_at_safti.org)
Date: 07/04/04

  • Next message: Kostas K: "Weird!"
    To: "Milos Prudek" <prudek@bvx.cz>, <focus-linux@securityfocus.com>
    Date: Sun, 4 Jul 2004 23:30:09 +0200
    
    

    If you had not mentioned the apache restart I would have assumed your wtmp
    got "full" and rotated. But together with the apache email it's suspicious.
    try the rootkit check-utils that are around.

    Milos Prudek wrote:
    > If "Last login:" is not displayed, is that fishy? Is it a sure
    > indication that a cracker was there and cleaned up his tracks?
    >
    > Details:
    >
    > When I connect via ssh to my linux server it always displays Last
    > login: <date> from <host>
    >
    > Today I received a suspiciously looking email from my server about an
    > unexpected restart of Apache, so I logged in and there was no "Last
    > login:" information.
    >
    > Of course when I logged in again, "Last login:" information was there
    > just fine.


  • Next message: Kostas K: "Weird!"

    Relevant Pages

    • RE: Last login missing
      ... If you had not mentioned the apache restart I would have assumed your ... But together with the apache email it's ... > When I connect via ssh to my linux server it always displays Last ...
      (Focus-Linux)
    • Re: What Flavor of Linux would work best?
      ... building a linux server and running a web page on apache. ... and the basics are rock solid. ... It worked out of the box for me using SUSE, ...
      (comp.os.linux.misc)
    • Re: Calling a perl script from an html doc
      ... > created as html files on a linux server, and they pop up in IE6 on our local ... Maybe you need to re-think this and write a perl script that collects the data ... You can use CGI with the Apache webserver and execute perl scripts either by ...
      (comp.lang.perl.misc)
    • Re: HLA StdLib2 criticism
      ... Reading a file, using the Windows APIs, you do not allways know in advance ... does not work against a Linux server. ... So if I run Apache* on Windows and Apache* on Linux, ...
      (alt.lang.asm)
    • Re: Apache vs IIS
      ... Windows Server not on my Linux Server so there for I would chose IIS. ... Not that Apache is bad but ASP.NET is far easier and faster to create good web forms in. ... I don't think you can run asp on Apache, ... You can run asp on Apache server, and you can do that even on an Apache running on a Linux server. ...
      (alt.php)