It appears that /var/log/lastlog is missing.

kistler · Jul 18, 2006

Would a hacker remove lastlog, I have been checking things and it seems ok I have ran a few scans and nothing has shown up. I am unsure why this would be removed on its own, I didn’t notice anything in the log watch report and I didn’t see any type of hacking attempt but I am just amazed that this file would up and walk away.

Any ideas, thx

chirpy · Jul 18, 2006

It does happen. You would have had to have a root compromise if a hacker disposed of it, but I would suspect logrotate beforehand. You can get it logging again simply with:

touch /var/log/lastlog

Forums

The Community Forums

Interact with an entire community of cPanel & WHM users!

It appears that /var/log/lastlog is missing.

kistler Well-Known Member

chirpy Well-Known Member

cpanel-dovecot-solr appears to be down email

The service “letsencrypt-cpanel” appears to be down

The service “ipaliases” appears to be down.

The service ipaliases appears to be down

The service httpd appears to be down even though apache is running

Share This Page

Useful Searches

The Community Forums

Interact with an entire community of cPanel & WHM users!

It appears that /var/log/lastlog is missing.

kistler Well-Known Member

chirpy Well-Known Member

cpanel-dovecot-solr appears to be down email

The service “letsencrypt-cpanel” appears to be down

The service “ipaliases” appears to be down.

The service ipaliases appears to be down

The service httpd appears to be down even though apache is running

Share This Page