Possible compromise ?
Patrick Muldoon
doon at inoc.net
Tue Jan 27 08:52:08 PST 2004
On Tuesday 27 January 2004 11:44 am, Peter Rosa wrote:
> Hello,
> please, is there some way to list ALL users, who connect remotely to my
> machine ? It is our gateway, so it should be one-user machine, but if I
> list /var/log/lastlog binary file, there are some lines showing usage of
> ttyp0. That console I have disabled in ttys, so why there are that lines ?
> How could I make FreeBSD to show that file in readable way ?
man last
last -- indicate last logins of users and ttys
>
> Was my machine compromised ?
Not enough information to make a educated guess here, sorry.
-Patrick
--
Patrick Muldoon
Network/Software Engineer
INOC (http://www.inoc.net)
PGPKEY (http://www.inoc.net/~doon)
Key ID: 0x370D752C
The computer is mightier than the pen, the sword, and usually, the programmer.
More information about the freebsd-security
mailing list