Boston Linux & Unix (BLU) Home | Calendar | Mail Lists | List Archives | Desktop SIG | Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings
Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU

BLU Discuss list archive


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Strange connections on login.



On Tue, 21 Jan 2003 07:51:36 -0500
David Lapointe <dlapointe at attbi.com> wrote:

> On the alt.os.linux.mandrake list mr e reported strange results from
> his computer and asked if others had similar results.
> 
> Running 'last -aidx'  I get the same results that he did, i.e. a
> connection to 143.132.4.8 on login.  
The information comes from the utmp (in /var/run on Linux) and wtmp
(usially in /var/log on Linux) files. 
First, shutdown to single user mode. 
Second, truncate the wtmp file by touching it. 

Note that the utmp file is created on system startup. It shows current
activity only. The wtmp file grows forever unless you do something to
shorten it. Sometimes the logrotate procedure will shorten it. 

If the problem does not go away, when you need to find out how
143.132.4.8  is getting logged in. My thoughts is that the wtmp file is
left over from installation. 

-- 
Jerry Feldman <gaf at blu.org>
Boston Linux and Unix user group
http://www.blu.org PGP key id:C5061EA9
PGP Key fingerprint:053C 73EC 3AC1 5C44 3E14 9245 FB00 3ED5 C506 1EA9

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://lists.blu.org/pipermail/discuss/attachments/20030121/bffeed9e/attachment.sig>



BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!



Boston Linux & Unix / webmaster@blu.org