Query: chkwtmp
OS: linux
Section: 1
Format: Original Unix Latex Style Formatted with HTML and a Horizontal Scroll Bar
CHKWTMP(1) General Commands Manual CHKWTMP(1)NAMEchkwtmp - check wtmp-file for deleted entriesSYNOPSISchkwtmpDESCRIPTIONChkwtmp examines the file /var/log/wtmp for entries with no information (containing only null-bytes). If such entries are found the program prints the time window for the original entry. This is done by displaying the timestamps of the wtmp-entry before and after the deleted entry. To run chkwtmp you need read permission on the file /var/log/wtmp. Normally this file is world-readable and no special privileges are required to run the checker.FILES/var/log/wtmp login data baseSEE ALSOwtmp(4), who(1)LIMITATIONSAn entry is recognized as overwritten if the time-information has been overwritten with null-bytes. This program was designed to run on SunOS 4.x systems only. On other systems the output is undefined... 7th Edition Thu Oct 12 1994 CHKWTMP(1)
| Related Man Pages |
|---|
| lastlog(5) - mojave |
| writetmp(8) - debian |
| utmp(5) - netbsd |
| wtmp(5) - netbsd |
| wtmpconvert(8) - osf1 |
| Similar Topics in the Unix Linux Community |
|---|
| How to know when you've been hacked |