Possible compromise ?

Patrick Muldoon doon at inoc.net
Tue Jan 27 08:52:08 PST 2004

On Tuesday 27 January 2004 11:44 am, Peter Rosa wrote:
> Hello,

> please, is there some way to list ALL users, who connect remotely to my
> machine ? It is our gateway, so it should be one-user machine, but if I
> list /var/log/lastlog binary file, there are some lines showing usage of
> ttyp0. That console I have disabled in ttys, so why there are that lines ?
> How could I make FreeBSD to show that file in readable way ?

man last 

 last -- indicate last logins of users and ttys

> Was my machine compromised ?

Not enough information to make a educated guess here, sorry.


Patrick Muldoon
Network/Software Engineer
INOC (http://www.inoc.net)
PGPKEY (http://www.inoc.net/~doon)
Key ID: 0x370D752C

The computer is mightier than the pen, the sword, and usually, the programmer.

More information about the freebsd-security mailing list