Re: info

From: Joe T. (auximiniat_private)
Date: Fri May 03 2002 - 18:05:19 PDT

  • Next message: Joe T.: "RE: info"

    > If your attacker was sloppy, you may find useful
    > information in the users history file, .bash_history,
    > especially those users with uid 0.
    
    oh! yes, i forgot all about the history!
    one of the files shows some really interesting information..
    unfortunately, either the history size was set too short, or they cleared this part: it
    doesnt show anything about removing the /var/log directory or tripwire.
    
    There is a lot of other information to process though..
    
    thanks for the reminder  =)
    
    =====
    ----(Joe Topjian)---------
    web:   http://terrarum.net
    email: auximiniat_private
    --------------------------
    
    __________________________________________________
    Do You Yahoo!?
    Yahoo! Health - your guide to health and wellness
    http://health.yahoo.com
    
    ----------------------------------------------------------------------------
    This list is provided by the SecurityFocus ARIS analyzer service.
    For more information on this free incident handling, management 
    and tracking system please see: http://aris.securityfocus.com
    



    This archive was generated by hypermail 2b30 : Mon May 06 2002 - 11:20:16 PDT