possible intrusion?
Sergei Vyshenski
fbsd4 at pn.sinp.msu.ru
Tue Jul 1 04:13:11 PDT 2003
Today discovered the following in /var/log:
-rw-r--r-- 1 root wheel 176 Jul 1 14:37 wtmp
-rw-r--r-- 1 root wheel 0 Jul 1 05:20 wtmp.0
-rw-r--r-- 1 root wheel 0 Jul 1 05:00 wtmp.1
-rw-r--r-- 1 root wheel 20460 Jul 1 00:19 wtmp.2
-rw-r--r-- 1 root wheel 0 Jun 1 05:20 wtmp.3
While file /etc/newsyslog says:
/var/log/wtmp root.wheel 644 3 * @01T05 B
The system is 4.8-STABLE FreeBSD 4.8-STABLE #0: Tue Jun 17 22:09:23 MSD 2003
Could this mean the sign of intrusion?
Thank you very much for any comment ahead of time,
Sergei
More information about the freebsd-stable
mailing list