Where did you find they had entered? What had they changed? I guess I need
to know where to start looking.
> -----Original Message-----
> From: Dogsbody [mailto:dan (at mark) dogsbody.org]
> Sent: Sunday, September 17, 2006 4:43 PM
> To: coba-e (at mark) bluequartz.org
> Subject: [coba-e:07023] Re: Weird logs
> > Okay, this is getting weird. Today I log onto my server to find that
> > all of these:
> > /var/log/boot.log
> > /var/log/cron
> > /var/log/messages
> > /varl/log/secure
> > /var/log/httpd/access_log
> > /var/log/httpd/error_log
> > are set to 0 bytes at the exact same time. Now how can this be?
> When I was hacked this was done by the hackers to try and cover their
> In fact it meant I found them faster as all my log watchers instantly
> erroring! Inspect your system carefully!