Re: bash_history set to zero length
- From: kevin bailey <kbailey@xxxxxxxxxxxxxxxxxxx>
- Date: Thu, 21 Sep 2006 11:45:17 +0100
Kevin, let us know what you found. We were all willing to try to help
you. You should be willing to try to help us understand what happened.
How else will we be able to help the next guy, or ourselves (let alone
you), should this happen to us.
We all will try to help some more, with more details. Was this user you?
Was it a system user? Was it someone else? What was your 'big nessus
scan'. Do we all need to be aware of something new?
I log in to the server over ssh to carry out various tasks for which I
sometimes have to su to root.
Only one other user has access via ssh - this is a delveloper who updates a
website using winscp.
The only thing that has shown up is the bash_history file was zero length
one day when I su'd to root.
There is no other sign of intrusion that I can see via aide or chkrootkit.
Server is debian sarge and everything is up-to-date.
I looked about and I had a few other sessions running on another workspace
on my laptop and they had become disconnected when the network cable had
become unplugged.
Maybe one of these disconnects cause the bash_history to become lost?
Cheers,
Kevin
Please and thank you..
Thanks.
- Follow-Ups:
- Re: bash_history set to zero length
- From: responder
- Re: bash_history set to zero length
- References:
- bash_history set to zero length
- From: Kevin Bailey
- Re: bash_history set to zero length
- From: responder
- Re: bash_history set to zero length
- From: Kevin Bailey
- Re: bash_history set to zero length
- From: Ralf Fassel
- Re: bash_history set to zero length
- From: Kevin Bailey
- Re: bash_history set to zero length
- From: responder
- bash_history set to zero length
- Prev by Date: Re: root:nobody in logs
- Next by Date: UDP Port 28711
- Previous by thread: Re: bash_history set to zero length
- Next by thread: Re: bash_history set to zero length
- Index(es):
Relevant Pages
|
