TLUG Mailing List

Mailing List Archive

tlug.jp Mailing List tlug archive tlug Mailing List Archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [tlug] Repairing a Possible Attack

Date: Mon, 21 Dec 2009 15:54:13 +0100

From: Francois Cartegnie <fcartegnie@example.com>

Subject: Re: [tlug] Repairing a Possible Attack

References: <4B2EAF3D.20000@example.com> <20091221044234.GA21903@example.com>

User-agent: KMail/1.9.10
Le lundi 21 décembre 2009, vous avez écrit :
> You can use "find" to look for recently created/modified files, e.g.:
>
> 	find / -mtime -1
>
> ...will give you a list of all files modified in the last 24 hours. Change
> -1 to -2 for 48 hours, etc.

Hi,

find / -ctime -1

You can't trust mtime on a compromised system.
In this case, the only reliable inode timestamp is ctime.

see: man utime -s 2

Francois
References:

[tlug] Repairing a Possible Attack
From: CL

Re: [tlug] Repairing a Possible Attack
From: Patrick Bernier

Prev by Date: Re: [tlug] An Epson Scanner Darkly [NEVERMIND]

Next by Date: Re: [tlug] Linux 7 year ago? [was Re: [OT] job posting]

Previous by thread: Re: [tlug] Repairing a Possible Attack

Next by thread: Re: [tlug] Repairing a Possible Attack

Index(es):

Date

Thread

Home | Main Index | Thread Index

Home Page Mailing List Linux and Japan TLUG Members Links