Hello,
Need help on looking into possible break in.
Searching the auth.log for the IP address and the timestamp did not give any results..Code:$ lastlog Username Port From Latest root pts/0 *** Sat Feb 2 02:42:37 +0400 2013 ...
Any leads on how to proceed?
Thanks.
Bookmarks