Login or Register to Ask a Question and Join Our Community


UNIX for Dummies Questions & Answers

Finding how done IT

 
Thread Tools Search this Thread
Top Forums UNIX for Dummies Questions & Answers Finding how done IT
# 1  
Old 08-25-2002
Question Finding how done IT
HellOooO,

How I can find how delete a drictory in the system.If there's 2 root one of them outside the country but we have WAN so he can access the network from outside >>>> we are using same account so how I can know who done it I want to proof that.

Regards
# 2  
Old 08-25-2002
Hi geoquest,

I'm not 100% sure what you are asking.

Are you trying to find out who deleted something on a remote computer. Are you trying to find the person who did it? Smilie
# 3  
Old 08-25-2002
It looks like something got deleted and now geoquest wants to prove the other guy did it...
# 4  
Old 08-25-2002
If it wasn't accessed via NFS, I would say have the SA take a look at the .history file for the user in question on the machine (if it hasn't already rolled off or been truncated).
# 5  
Old 08-26-2002
aus: the only prob with useing SA to look at the history file is they both used the same account.

Personally i would start with `last`. this command will give you something that looks like this.

just hope he didnt take his entry out of the wtmp file (semi clever way to be on a system and have no one know your on the system is to remove your wtmp entry so the system things your not logged in.

Code:
user1  ftp          0.0.0.0      Mon Aug 26 14:01 - 14:01  (00:00)
user2  pts/1        0.0.0.0     Mon Aug 26 13:20   still logged in

Code:
DESCRIPTION
     The last command looks in  the  /var/adm/wtmpx  file,  which
     records  all  logins  and  logouts,  for information about a
     user, a terminal, or any group of users and terminals. Argu-
     ments  specify  names  of users or terminals of interest. If
     multiple arguments are given, the information applicable  to
     any of the arguments is printed. For example, last root con-
     sole lists all of root's sessions, as well as  all  sessions
     on  the  console terminal. last displays the sessions of the
     specified users and terminals, most recent first, indicating
     the  times  at  which the session began, the duration of the
     session, and the terminal on which the session  took  place.
     last also indicates whether the session is continuing or was
     cut short by a reboot.

     The pseudo-user reboot logs  in  when  the  system  reboots.
     Thus,

# 6  
Old 08-26-2002
In the future you might want to change the way you are managing user accounts. There are a number of ways to do this:

(1) The easiest (not very secure, but helps) is to simply not allow users to login directly as root from remote terminals. They must first login as 'themselves' and then 'su' to root.

(2) If you want more control, you could enable access control lists (ACLs) on your system and then only allow users to login as 'themselves' and then give them root / superuser rights/permissions for commands they need to do their work. This also turns on accounting so you can track exactly what they do.

There are other ways to help insure you can audit what others are doing. Very few, if any, experienced system administrators on a critical multi-user system allow direct remote superuser login.
 
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

Finding an average

Basically, I need to find average of numbers which are given like: sh average file1 file (in files can be more than one number) ->10 sh average 5 7 ->6 sh average /users/file ->5 echo 5 7 | sh average 6 So basically i wrote my code but it gives me error... I am pretty sure it has to work... (10 Replies)
Discussion started by: Manu1234567
10 Replies

2. Shell Programming and Scripting

Finding delimiter

Hi, I need to find the field separator for the given files. Ex- abc.txt is "|" delimited file , when I give command the output should be "|" and that shud store it in another variable. This is same with csv files or any other delmited file. If I give the filename it shud give the... (1 Reply)
Discussion started by: Prashanth B
1 Replies

3. Shell Programming and Scripting

finding first >

I want to erase some php code between a <? and a ?> in HTML containing a keyword, the problem is it finds the last > and wipes out everything before it how do i specify for it to stop searching after the first >? perl -i -p0e 's/<\?php.*keyword.*\?>//s' there's many lines of php code... (2 Replies)
Discussion started by: vanessafan99
2 Replies

4. Shell Programming and Scripting

need help for finding files

Hi, I am trying to find two files in a if condition to do a task Please find below the script that i have built while read line do filename = $line if && ]; then cp /tmp/$filename.dat /sftp/$filename.dat else cat $filename "no trg file associated" >>... (4 Replies)
Discussion started by: ramkiran77
4 Replies

5. Shell Programming and Scripting

Help finding non duplicates

I am currently creating a script to find filenames that are listed once in an input file (find non duplicates). I then want to report those single files in another file. Here is the function that I have so far: function dups_filenames { file2="" file1="" file="" dn="" ch="" pn="" ... (6 Replies)
Discussion started by: chipblah84
6 Replies

6. UNIX for Dummies Questions & Answers

Finding a pattern

Hi, I have the below content in file: <xmlfile> ows_Body="Hi" ows_Title="Title" ows_Author="krishna" </xmlfile> I wanted to remove ows_Body content from the file. I am using the below code sed -e 's/ows_Body.*ows/ows/g' Giving output: (9 Replies)
Discussion started by: mahish20
9 Replies

7. Shell Programming and Scripting

Need Help in Finding Files ::

Hi All , i am in progress of creating a script which should find a file a.txt , in a particular root directory . This should actually Search all the Sub directories and copy those files and FTP it to a server . Need a Input how to Proceed on this Thankyou guys (6 Replies)
Discussion started by: raghav1982
6 Replies

8. Shell Programming and Scripting

finding duplicate files by size and finding pattern matching and its count

Hi, I have a challenging task,in which i have to find the duplicate files by its name and size,then i need to take anyone of the file.Then i need to open the file and find for more than one pattern and count of that pattern. Note:These are the samples of two files,but i can have more... (2 Replies)
Discussion started by: jerome Sukumar
2 Replies

9. Shell Programming and Scripting

Finding different rows

I have two files. They are prety much the same, except a few lines. I would like to get the differences between the two file, but only those differences and nothing more. "diff" and "sdiff" cannot seem to do it. "sdiff -s" gets close, but I still get "less than" or "greater than" signs in the... (2 Replies)
Discussion started by: dombi
2 Replies

10. AIX

Finding FC Driver

Hello all, I am trying to figure out what command I can use in AIX in order to find out the driver level for a Fibre Channel adapter. Generically I am able to use "lscfg" to get the details but I am unable to read the output correctly. Can you help? Many thanks, -- output -- lscfg... (2 Replies)
Discussion started by: monotone
2 Replies
Login or Register to Ask a Question