Search results

  1. A

    secondary super user

    we already have root account, we want to create another root user , by using user add command, it will create a normal user, then we change group to root, is there a simple step we can directly create another super user by using user add? ,
  2. A

    which line of configuration got changed

    we noticed that one config file in /etc/ got changed, but this configuration files got more than 20 lines, we don't know which portion is changed, and we don't have the old file to do comparision, in red hat linux, do we have some command to check file change history with detail? thanks
  3. A

    prev value of lsattr

    we noticed that lsattr of sshd_conf is changed, can we find out what's the previous value of lsattr of sshd_conf ? how to check the sshd_conf file attribute change history? thanks
  4. A

    recover deleted log

    our secure log from July.13--July.20 is deleted, the rest secure logs are fine in the /var/log, may i know the steps to recover it?
  5. A

    rootsh, bash_history and secure log

    may i know the difference between rootsh, bash_history of root account and secure log? currently i have a suspect file B, which is created by root, I want to know how this file B is generated, can I check rootsh? thanks
  6. A

    display error

    in the console, i type cat /var/log/secure-20180516.gz, it display a lot of unreadable character on the screen, after that, the new command i type in all display wrongly, also the hostname appears human not readble character, any way to recover. thanks
  7. A

    deleted files by account

    I want to list all the binary execuatable and document files deleted by account mter for the past month in red hat linux, can this be done? thanks
  8. A

    command history of other account with time

    I want to view user rem1's command history for the last two month with date and time detail, which command I should use? platform is red hat linux. thanks
  9. A

    tracing root cause of new malicious user created

    I find a nely created malicious account mbit, it is created by root one week ago, my question is how to identify when the root account is comprised, any steps to follow? also does the hacker know the root password, if without root password, how can hacker create malicious user, can this be done...
  10. A

    list of files changed from certain date

    I'm using red hat linux, is it able to get the list of changed files and newly created files under /etc folder from Aug.21.2018 untill now. I'm fine if two command, one for created files and the other for changed files. any idea? thanks
Top