[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-users] lastlog on RaQ3
- Subject: Re: [cobalt-users] lastlog on RaQ3
- From: Mark Engelhardt <marke@xxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Mon Feb 19 10:30:24 2001
- List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>
on 2/19/01 7:02 AM, Jens Kristian Søgaard at jens@xxxxxxxxxxxxxxxxxxxx
wrote:
> Hi Kim,
>
>> Does anyone know whether Cobalt intentionally encrypts var/log/lastlog?
>
> They don't.
>
> The logfile is not encrypted; it is however in binary form. This means, that
> it will look unreadable to the human eye. It is however very readable for
> programs on the server (i.e. the format is choosen to have save space, and
> have faster processing of the file).
It looks to me like last log is a pointer to the name of the last log file.
Mine only has one line in it.
>
>> My instinct tells me that they don't, and what seems to be an encrypted
>> log is indeed evidence that someone hacked into my machine. Thanks.
>
> Don't be paranoid.
I have to disagree here, owning a Raq and posting a message to this list
increases you chances of being hacked by 1000 fold over the run of the mill
linux server.
Everyone reading and posting to this list should be *very* *very* paranoid.
Mark
>
> --
> Jens Kristian Søgaard, Mermaid Consulting I/S,
> jens@xxxxxxxxxxxxxxxxxxxx,
> http://www.mermaidconsulting.com/
>
>
> _______________________________________________
> cobalt-users mailing list
> cobalt-users@xxxxxxxxxxxxxxx
> To Subscribe or Unsubscribe, please go to:
> http://list.cobalt.com/mailman/listinfo/cobalt-users