Security Basics mailing list archives
Re: redhat audit
From: Steve Frank <stevefrankrit () yahoo com>
Date: Tue, 17 Jun 2003 04:25:29 -0700 (PDT)
Matt, This script will have to be edited to meet your needs, but take a look at this bash script. This line of a bash script will run the find command on your system. In my example I was searching for any files with a comma although you can change the search criteria to meet whatever format string you want. Notice the -mtime 5 tag. This says, return only those files that have changed within the last 5 days. The -exec tag will execute a command on any file that meets the search criteria (i.e. it has been edited within 5 days.) You probably don't want to delete the file like this script does, but rather record the file's name and path into another file. find / -name ",*" -mtime +5 -exec rm -f {} \; echo "finished with search"; I hope this helps you. Thanks, Steve Frank President of SPARSA Security Practices and Research Student Association www.sparsa.org Rochester Institute of Technology --- Matthew Sallee <iammatt () holly colostate edu> wrote:
recently my redhat box was compromised and i'm auditing changes that were made (i didn't notice for several days). i've been trying to create a command that will allow me view all the files modified in the last x number of days. i've tried piping ls to grep with minimal success. any help is greatly appreciated... matt
---------------------------------------------------------------------------
Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts! The Gartner Group just put Neoteris in the top of its Magic Quadrant, while InStat has confirmed Neoteris as the leader in marketshare. Find out why, and see how you can get plug-n-play secure remote access in about an hour, with no client, server changes, or ongoing maintenance. Visit us at: http://www.neoteris.com/promos/sf-6-9.htm
----------------------------------------------------------------------------
__________________________________ Do you Yahoo!? SBC Yahoo! DSL - Now only $29.95 per month! http://sbc.yahoo.com --------------------------------------------------------------------------- Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts! The Gartner Group just put Neoteris in the top of its Magic Quadrant, while InStat has confirmed Neoteris as the leader in marketshare. Find out why, and see how you can get plug-n-play secure remote access in about an hour, with no client, server changes, or ongoing maintenance. Visit us at: http://www.neoteris.com/promos/sf-6-9.htm ----------------------------------------------------------------------------
Current thread:
- redhat audit Matthew Sallee (Jun 16)
- Re: redhat audit Benjamin A. Okopnik (Jun 17)
- Re: redhat audit Florian Streck (Jun 17)
- Re: redhat audit Rick Hale (Jun 17)
- Re: redhat audit Tim Greer (Jun 17)
- Re: redhat audit Devdas Bhagat (Jun 17)
- RE: redhat audit Shane Lahey (Jun 17)
- Re: redhat audit Steve Frank (Jun 17)
- Re: redhat audit Mike Pettinicchio (Jun 17)
- Re: redhat audit exon (Jun 17)
- Re: redhat audit Douglas K. Fischer (Jun 17)
- Re: redhat audit Ulrich Keil (Jun 17)
- Re: redhat audit Luigi R. F. McMinn (Jun 17)
- Re: redhat audit Jan De Luyck (Jun 17)
- Re: redhat audit Pierre BETOUIN (Jun 17)
- Re: redhat audit Mark Ng (Jun 17)
- Re: redhat audit Volker Kindermann (Jun 17)
- <Possible follow-ups>
- RE: redhat audit Duane Beck (Jun 17)
(Thread continues...)