Bugtraq mailing list archives
ANNOUNCE: chkwtmp, a wtmp intrusion detection analyzer (Linux)
From: silvio () ROCKNET NET AU (Silvio Cesare)
Date: Sun, 25 May 1997 23:18:00 +1000
chkwtmp: A wtmp intrusion detection analyzer
By: Silvio Cesare, 6th May, 1997

chkwtmp is an intrusion detection analyzer for the wtmp logfile on systems running the Linux OS.

SYNOPSIS

Usage: chkwtmp [options]
    -w wtmp    wtmp filename
    -t         Print unformatted timestamps

DESCRIPTION

chkwtmp is able to log most of the typical zap wtmp utilities (everything I've seen). The typical zap program relies on using only the current session logs and does no further processing after session completion, even though the wtmp logs have init logs logout entries.

Silvio Cesare, <silvio () rocknet net au>
ftp://ftp.rocknet.net.au/pub/silvio/
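The observation in the DESCRIPTION, that init's logout entries remain in wtmp after a login entry has been removed, can be turned into a check. The following is an added example, not part of the original post and not chkwtmp's source: the pairing heuristic, the function names and the sample records are assumptions constructed for illustration, using glibc's <utmp.h>.

```c
#include <stdio.h>
#include <string.h>
#include <utmp.h>

#define MAX_OPEN 256

/* Count DEAD_PROCESS (logout) records that have no open USER_PROCESS (login)
 * on the same tty. Heuristic: an unused getty exiting is counted as well. */
size_t count_orphan_logouts(const struct utmp *rec, size_t n)
{
    char live[MAX_OPEN][UT_LINESIZE];      /* ttys with a live login */
    size_t nopen = 0, orphans = 0, i, j;

    for (i = 0; i < n; i++) {
        for (j = 0; j < nopen; j++)        /* find this tty, if open */
            if (!strncmp(live[j], rec[i].ut_line, UT_LINESIZE))
                break;
        if (rec[i].ut_type == BOOT_TIME) { /* reboot ends every session */
            nopen = 0;
        } else if (rec[i].ut_type == USER_PROCESS) {
            if (j == nopen && nopen < MAX_OPEN)
                memcpy(live[nopen++], rec[i].ut_line, UT_LINESIZE);
        } else if (rec[i].ut_type == DEAD_PROCESS) {
            if (j == nopen)
                orphans++;                 /* logout with no login */
            else                           /* close: move last slot here */
                memmove(live[j], live[--nopen], UT_LINESIZE);
        }
    }
    return orphans;
}

/* Build one constructed sample record (not real log data). */
static struct utmp mk(short type, const char *line)
{
    struct utmp u;
    memset(&u, 0, sizeof u);
    u.ut_type = type;
    strncpy(u.ut_line, line, UT_LINESIZE);
    return u;
}

int main(void)
{
    struct utmp recs[] = {
        mk(USER_PROCESS, "tty1"), mk(DEAD_PROCESS, "tty1"),
        mk(DEAD_PROCESS, "ttyp0"),         /* its login record was removed */
    };
    printf("orphan logouts: %zu\n", count_orphan_logouts(recs, 3));
    return 0;
}
```

To run it against a real log, read the file in sizeof(struct utmp) chunks into an array and pass that to count_orphan_logouts().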