Security Basics mailing list archives

Re: redhat audit

From: "Tim Greer" <chatmaster () charter net>
Date: Mon, 16 Jun 2003 17:31:55 -0700

]$ man find

Of course, that's not to say that the timestamps on any files are anywhere
near the actual date they were really modified. In other words, it's too
late. You should run tripwire, etc. before hand, it's too late to know for
sure now.
--
Regards,
Tim Greer  chatmaster () charter net
Server administration, security, programming, consulting.

----- Original Message -----
From: "Matthew Sallee" <iammatt () holly colostate edu>
To: "security-basics" <security-basics () securityfocus com>
Sent: Monday, June 16, 2003 2:01 PM
Subject: redhat audit

recently my redhat box was compromised and i'm auditing changes that were

made

(i didn't notice for several days).

i've been trying to create a command that will allow me view all the files
modified in the last x number of days.

i've tried piping ls to grep with minimal success. any help is greatly
appreciated...

matt



--------------------------------------------------------------------------

Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts!
The Gartner Group just put Neoteris in the top of its Magic Quadrant,
while InStat has confirmed Neoteris as the leader in marketshare.

Find out why, and see how you can get plug-n-play secure remote access in
about an hour, with no client, server changes, or ongoing maintenance.

Visit us at: http://www.neoteris.com/promos/sf-6-9.htm
--------------------------------------------------------------------------

--



---------------------------------------------------------------------------
Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts!
The Gartner Group just put Neoteris in the top of its Magic Quadrant,
while InStat has confirmed Neoteris as the leader in marketshare.
     
Find out why, and see how you can get plug-n-play secure remote access in
about an hour, with no client, server changes, or ongoing maintenance.
          
Visit us at: http://www.neoteris.com/promos/sf-6-9.htm
----------------------------------------------------------------------------

Current thread:

redhat audit Matthew Sallee (Jun 16)
- Re: redhat audit Benjamin A. Okopnik (Jun 17)
- Re: redhat audit Florian Streck (Jun 17)
- Re: redhat audit Rick Hale (Jun 17)
- Re: redhat audit Tim Greer (Jun 17)
- Re: redhat audit Devdas Bhagat (Jun 17)
- RE: redhat audit Shane Lahey (Jun 17)
- Re: redhat audit Steve Frank (Jun 17)
- Re: redhat audit Mike Pettinicchio (Jun 17)
- Re: redhat audit exon (Jun 17)
- Re: redhat audit Douglas K. Fischer (Jun 17)
- Re: redhat audit Ulrich Keil (Jun 17)
- Re: redhat audit Luigi R. F. McMinn (Jun 17)
- Re: redhat audit Jan De Luyck (Jun 17)
  - Re: redhat audit Pierre BETOUIN (Jun 17)

(Thread continues...)