Date: Tue, 01 Jul 2003 15:10:09 +0300 From: Sergei Vyshenski <fbsd4@pn.sinp.msu.ru> To: freebsd-stable@freebsd.org Subject: possible intrusion? Message-ID: <5.1.1.6.2.20030701150100.00a74aa0@vivaldi.pn.sinp.msu.ru>
next in thread | raw e-mail | index | archive | help
Today discovered the following in /var/log: -rw-r--r-- 1 root wheel 176 Jul 1 14:37 wtmp -rw-r--r-- 1 root wheel 0 Jul 1 05:20 wtmp.0 -rw-r--r-- 1 root wheel 0 Jul 1 05:00 wtmp.1 -rw-r--r-- 1 root wheel 20460 Jul 1 00:19 wtmp.2 -rw-r--r-- 1 root wheel 0 Jun 1 05:20 wtmp.3 While file /etc/newsyslog says: /var/log/wtmp root.wheel 644 3 * @01T05 B The system is 4.8-STABLE FreeBSD 4.8-STABLE #0: Tue Jun 17 22:09:23 MSD 2003 Could this mean the sign of intrusion? Thank you very much for any comment ahead of time, Sergei
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5.1.1.6.2.20030701150100.00a74aa0>