Date: Tue, 27 Jan 2004 11:50:40 -0500 From: Patrick Muldoon <doon@inoc.net> To: "Peter Rosa" <prosa@pro.sk>, <freebsd-security@freebsd.org> Subject: Re: Possible compromise ? Message-ID: <200401271150.40132.doon@inoc.net> In-Reply-To: <003001c3e4f4$dbba7910$3501a8c0@peter> References: <01a901c3e294$8ea8a500$3501a8c0@peter> <1653155537.20040126121155@b-o.ru> <003001c3e4f4$dbba7910$3501a8c0@peter>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tuesday 27 January 2004 11:44 am, Peter Rosa wrote: > Hello, > please, is there some way to list ALL users, who connect remotely to my > machine ? It is our gateway, so it should be one-user machine, but if I > list /var/log/lastlog binary file, there are some lines showing usage of > ttyp0. That console I have disabled in ttys, so why there are that lines ? > How could I make FreeBSD to show that file in readable way ? man last last -- indicate last logins of users and ttys > > Was my machine compromised ? Not enough information to make a educated guess here, sorry. -Patrick -- Patrick Muldoon Network/Software Engineer INOC (http://www.inoc.net) PGPKEY (http://www.inoc.net/~doon) Key ID: 0x370D752C The computer is mightier than the pen, the sword, and usually, the programmer.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200401271150.40132.doon>