Security Basics mailing list archives

Re: redhat audit

From: "Tace " <tace () lycos com>
Date: Tue, 17 Jun 2003 08:12:29 +0700

Hi,
  you can use 'find' instead.
 
  Command : find * -ctime -n

  where n is the number of days. check the man pages on find for more info. remember to add the '-' sign infront of the 
number to represent the number of days up to n days, otherwise, find will only look for files that were changed n days 
ago.

Cheers,
Tace


---
Consciousness: 
   that annoying time between naps
The only cure for insomnia is:
   to get more sleep


--------- Original Message ---------

DATE: Mon, 16 Jun 2003 15:01:05
From: Matthew Sallee <iammatt () holly colostate edu>
To: security-basics <security-basics () securityfocus com>
Cc:

recently my redhat box was compromised and i'm auditing changes that were made 
(i didn't notice for several days).

i've been trying to create a command that will allow me view all the files 
modified in the last x number of days.

i've tried piping ls to grep with minimal success. any help is greatly 
appreciated...

matt



---------------------------------------------------------------------------
Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts!
The Gartner Group just put Neoteris in the top of its Magic Quadrant,
while InStat has confirmed Neoteris as the leader in marketshare.
    
Find out why, and see how you can get plug-n-play secure remote access in
about an hour, with no client, server changes, or ongoing maintenance.
         
Visit us at: http://www.neoteris.com/promos/sf-6-9.htm
----------------------------------------------------------------------------




____________________________________________________________
Get advanced SPAM filtering on Webmail or POP Mail ... Get Lycos Mail!
http://login.mail.lycos.com/r/referral?aid=27005

---------------------------------------------------------------------------
Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts!
The Gartner Group just put Neoteris in the top of its Magic Quadrant,
while InStat has confirmed Neoteris as the leader in marketshare.
     
Find out why, and see how you can get plug-n-play secure remote access in
about an hour, with no client, server changes, or ongoing maintenance.
          
Visit us at: http://www.neoteris.com/promos/sf-6-9.htm
----------------------------------------------------------------------------

Current thread:

Re: redhat audit, (continued)
- Re: redhat audit Mike Pettinicchio (Jun 17)
- Re: redhat audit exon (Jun 17)
- Re: redhat audit Douglas K. Fischer (Jun 17)
- Re: redhat audit Ulrich Keil (Jun 17)
- Re: redhat audit Luigi R. F. McMinn (Jun 17)
- Re: redhat audit Jan De Luyck (Jun 17)
  - Re: redhat audit Pierre BETOUIN (Jun 17)
- Re: redhat audit Mark Ng (Jun 17)
- Re: redhat audit Volker Kindermann (Jun 17)
- RE: redhat audit Duane Beck (Jun 17)
- Re: redhat audit Tace (Jun 17)
- RE: redhat audit Klotz, Brian (Jun 17)
- Re: redhat audit Andrew Pretzl (Jun 17)
- RE: redhat audit Trevor Cushen (Jun 19)