Date: Wed, 15 Oct 1997 10:08:00 -0500 (CDT)
From: Whiskey Mike <breaker@hawk.phantasy.com>
To: freebsd-questions@FreeBSD.ORG
Subject: state of log files
Message-ID: <199710151508.KAA29250@hawk.phantasy.com>

A short while back, a host that I frequent was hacked, in addition to dozens of university machines, including MIT and Princeton. The perpetrator, who was eventually caught, put a backdoor on port 150 so he could get in no matter what /etc/hosts.deny stated. Eventually he was caught, but now /var/log/messages, /var/log/ftp.log and /var/log/secure are not being written to. The date and time of these files are the same as the last time he hacked the system.

What can I do to make sure these log files are being written to? As of now, the logfiles have not been written to in two weeks, which is a long time to not know what's going on with the system.

Any information would be greatly appreciated. Please contact me at breaker@hawk.phantasy.com if you can be of assistance.

Thanks in advance,
-b
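
An added example, not part of the original message: a POSIX shell check that flags log files whose modification time has stopped advancing, the symptom described above, plus a round-trip test that sends a marker through syslog and looks for it in the file. The function names, the thresholds and the routing of `user.notice` to the checked file are assumptions; adjust them to the host's `syslog.conf`.

```shell
#!/bin/sh
# Added example (hypothetical helper names): detect logs that stopped growing.

# Print a file's mtime in epoch seconds. GNU/BusyBox stat is tried first,
# then BSD stat; trying them in this order keeps stdout clean on both.
mtime_of() {
    stat -c %Y "$1" 2>/dev/null || stat -f %m "$1" 2>/dev/null
}

# stale_logs MAX_AGE_SECONDS FILE...
# Prints "MISSING <file>", "UNREADABLE <file>" or "STALE <age>s <file>"
# for each problem file. Returns 1 if anything was reported, else 0.
stale_logs() {
    max_age=$1; shift
    now=$(date +%s)
    rc=0
    for f in "$@"; do
        if [ ! -e "$f" ]; then
            echo "MISSING $f"; rc=1; continue
        fi
        m=$(mtime_of "$f") || { echo "UNREADABLE $f"; rc=1; continue; }
        age=$((now - m))
        if [ "$age" -gt "$max_age" ]; then
            echo "STALE ${age}s $f"; rc=1
        fi
    done
    return $rc
}

# syslog_roundtrip FILE [WAIT_SECONDS]
# A quiet host can look stale, so send a unique marker through syslogd
# and confirm it lands in FILE. Assumes user.notice is routed to FILE.
syslog_roundtrip() {
    tag="logcheck-$$-$(date +%s)"
    logger -p user.notice "$tag" || return 2
    sleep "${2:-2}"
    grep -q "$tag" "$1"
}

# Typical use from cron, run as a user that can read the logs:
#   stale_logs 86400 /var/log/messages /var/log/ftp.log /var/log/secure
#   syslog_roundtrip /var/log/messages || echo "syslog is not writing"
```

A failed round trip while `stale_logs` reports the file as present points at syslogd itself (not running, or its configuration or binary altered) rather than at a quiet system.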