Date: Thu, 16 Jun 2005 23:24:30 +1000 (EST) From: Neo-Vortex <root@Neo-Vortex.net> To: Saurabh Bhasin <sbhasin@gmail.com> Cc: freebsd-security@freebsd.org Subject: Re: last command - strange entries? Message-ID: <20050616232236.A26561@Neo-Vortex.net> In-Reply-To: <ac867641050615092469fe7158@mail.gmail.com> References: <ac867641050615092469fe7158@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 15 Jun 2005, Saurabh Bhasin wrote: > Greetings, > > I am seeing strange entries when i perform "last -20" for example. > Here's a sample output becuase I can not seem to make any sense out of > this in the last two days and can't find any information online. Any > help is appreciated. > > 0 F=°Bttyp Wed Dec 31 16:00 still logged in > 0 6Û¯Bttyp Wed Dec 31 16:00 still logged in > 0 mÚ¯Bttyp Wed Dec 31 16:00 still logged in > 7 mÚ¯Bttyv Wed Dec 31 16:00 still logged in > 0 ¯Bttyp Wed Dec 31 16:00 still logged in > 0 (o¯Bttyp Wed Dec 31 16:00 still logged in > 2 ëg¯Bttyp Wed Dec 31 16:00 still logged in > . > > and it keeps going for 20 lines. The last command uses /var/log/wtmp and /var/log/utmp (mabe even /var/log/lastlog) - anyway, the point is, it uses those files to get the information, now, it appears as if they have become corrupt, mabe by userland/kernel land desynch? bad upgrade? tried a reboot? Else, can you give us more details about the system, past upgrades, intrusions? ~NVX
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050616232236.A26561>