| 1 |
On Wednesday 21 December 2005 04:32 am, Gavin Seddon wrote: |
| 2 |
> Hi all, |
| 3 |
> I have been looking in '/var/log' for users logging on. The files and |
| 4 |
> directories in there are fastidiously organised (to say the least). |
| 5 |
> Better than usual UNIX distros. What is the best place to look for |
| 6 |
> logins/hacks. |
| 7 |
> Gavin. |
| 8 |
|
| 9 |
Try looking at auth.log and wtmp. auth.log is a plaintext log of login |
| 10 |
attempts, and wtmp is a binary file that is used by the "who" command, and |
| 11 |
can also be accessed by the "last" command. |
| 12 |
|
| 13 |
-- |
| 14 |
Eric Bliss |
| 15 |
systems design and integration, |
| 16 |
CreativeCow.Net |
| 17 |
-- |
| 18 |
gentoo-amd64@g.o mailing list |
Archives