"but other log files may have clues as to who, how and where" ... When my system was compromised last year I logged in as the user whose account I suspected the intruder was using, and sure enough a quick 'history' check revealed their activity. With that information I managed to track them back to the free shell account they were using. Hope you get it sorted out. James - ---------------------------------------------------------------------- You can find the EdLUG mailing list FAQ list at: http://www.edlug.org.uk/list_faq.html
|
This archive is kept by wibble+RM@xxx.xxx.xxx Morpheux | HomePage |