- Jul 8 11:53:32 localhost sshd[1201]: Accepted password for root from 178.191.236.65 port 1687 ssh2
- Jul 8 11:53:32 localhost sshd[1201]: pam_unix(sshd:session): session opened for user root by (uid=0)
- Jul 8 11:53:32 localhost snoopy[1236]: [uid:0 sid:1236 tty:/dev/pts/1 cwd:/root filename:/bin/bash]: -bash
- Jul 8 11:53:32 localhost snoopy[1238]: [uid:0 sid:1236 tty:/dev/pts/1 cwd:/root filename:/usr/bin/id]: id -un
- Jul 8 11:53:32 localhost snoopy[1240]: [uid:0 sid:1236 tty:/dev/pts/1 cwd:/root filename:/bin/hostname]: /bin/hostname
- Jul 8 11:53:32 localhost snoopy[1242]: [uid:0 sid:1236 tty:/dev/pts/1 cwd:/root filename:/usr/bin/tty]: tty -s
- Jul 8 11:53:32 localhost snoopy[1243]: [uid:0 sid:1236 tty:/dev/pts/1 cwd:/root filename:/usr/bin/tput]: tput colors
- Jul 8 11:53:32 localhost snoopy[1245]: [uid:0 sid:1236 tty:/dev/pts/1 cwd:/root filename:/usr/bin/dircolors]: dircolors --sh /etc/DIR_COLORS
- Jul 8 11:53:32 localhost snoopy[1246]: [uid:0 sid:1236 tty:/dev/pts/1 cwd:/root filename:/bin/grep]: grep -qi ^COLOR.*none /etc/DIR_COLORS
- Jul 8 11:53:32 localhost snoopy[1248]: [uid:0 sid:1236 tty:/dev/pts/1 cwd:/root filename:/sbin/consoletype]: /sbin/consoletype stdout
- Jul 8 11:53:32 localhost snoopy[1250]: [uid:0 sid:1236 tty:/dev/pts/1 cwd:/root filename:/usr/bin/id]: /usr/bin/id -u
- Jul 8 11:53:37 localhost snoopy[1267]: [uid:0 sid:1236 tty:/dev/pts/1 cwd:/root filename:/bin/ls]: ls --color=auto
- Jul 8 11:53:40 localhost snoopy[1282]: [uid:0 sid:1236 tty:/dev/pts/1 cwd:/root filename:/bin/more]: more install.log
- Jul 8 11:54:08 localhost snoopy[1372]: [uid:0 sid:1236 tty:/dev/pts/1 cwd:/root filename:/usr/bin/sudo]: sudo
- Jul 8 11:54:12 localhost snoopy[1388]: [uid:0 sid:1236 tty:/dev/pts/1 cwd:/root filename:/bin/su]: su
- Jul 8 11:54:12 localhost su: pam_unix(su:session): session opened for user root by root(uid=0)
- Jul 8 11:54:12 localhost snoopy[1389]: [uid:0 sid:1236 tty:/dev/pts/1 cwd:/root filename:/bin/bash]: bash
- Jul 8 11:54:12 localhost snoopy[1391]: [uid:0 sid:1236 tty:/dev/pts/1 cwd:/root filename:/usr/bin/tty]: tty -s
- Jul 8 11:54:12 localhost snoopy[1392]: [uid:0 sid:1236 tty:/dev/pts/1 cwd:/root filename:/usr/bin/tput]: tput colors
- Jul 8 11:54:12 localhost snoopy[1394]: [uid:0 sid:1236 tty:/dev/pts/1 cwd:/root filename:/usr/bin/dircolors]: dircolors --sh /etc/DIR_COLORS
- Jul 8 11:54:12 localhost snoopy[1395]: [uid:0 sid:1236 tty:/dev/pts/1 cwd:/root filename:/bin/grep]: grep -qi ^COLOR.*none /etc/DIR_COLORS
- Jul 8 11:54:12 localhost snoopy[1397]: [uid:0 sid:1236 tty:/dev/pts/1 cwd:/root filename:/usr/bin/id]: /usr/bin/id -u
- Jul 8 11:54:16 localhost snoopy[1413]: [uid:0 sid:1236 tty:/dev/pts/1 cwd:/root filename:/bin/ls]: ls --color=auto
- Jul 8 11:55:37 localhost snoopy[1658]: [uid:0 sid:1236 tty:/dev/pts/1 cwd:/root filename:/usr/bin/less]: less nick.txt
- Jul 8 11:55:37 localhost snoopy[1659]: [uid:0 sid:1236 tty:/dev/pts/1 cwd:/root filename:/bin/bash]: /bin/bash -c /usr/bin/lesspipe.sh nick.txt
- Jul 8 11:55:37 localhost snoopy[1659]: [uid:0 sid:1236 tty:/dev/pts/1 cwd:/root filename:/usr/bin/lesspipe.sh]: /usr/bin/lesspipe.sh nick.txt
- Jul 8 11:55:37 localhost snoopy[1660]: [uid:0 sid:1236 tty:/dev/pts/1 cwd:/root filename:/usr/bin/file]: file -b nick.txt
- Jul 8 11:55:38 localhost snoopy[1663]: [uid:0 sid:1236 tty:(none) cwd:/root filename:/bin/cut]: cut -d. -f2
- Jul 8 11:55:37 localhost snoopy[1658]: [uid:0 sid:1236 tty:/dev/pts/1 cwd:/root filename:/usr/bin/less]: less nick.txt
- Jul 8 11:55:37 localhost snoopy[1659]: [uid:0 sid:1236 tty:/dev/pts/1 cwd:/root filename:/bin/bash]: /bin/bash -c /usr/bin/lesspipe.sh nick.txt
- Jul 8 11:55:37 localhost snoopy[1659]: [uid:0 sid:1236 tty:/dev/pts/1 cwd:/root filename:/usr/bin/lesspipe.sh]: /usr/bin/lesspipe.sh nick.txt
- Jul 8 11:55:37 localhost snoopy[1660]: [uid:0 sid:1236 tty:/dev/pts/1 cwd:/root filename:/usr/bin/file]: file -b nick.txt
- Jul 8 11:55:38 localhost snoopy[1663]: [uid:0 sid:1236 tty:(none) cwd:/root filename:/bin/cut]: cut -d. -f2
- Jul 8 11:56:03 localhost snoopy[1739]: [uid:0 sid:1236 tty:/dev/pts/1 cwd:/root filename:/usr/bin/less]: less /var/log/secure
- Jul 8 11:56:03 localhost snoopy[1740]: [uid:0 sid:1236 tty:/dev/pts/1 cwd:/root filename:/bin/bash]: /bin/bash -c /usr/bin/lesspipe.sh /var/log/secure
- Jul 8 11:56:03 localhost snoopy[1740]: [uid:0 sid:1236 tty:/dev/pts/1 cwd:/root filename:/usr/bin/lesspipe.sh]: /usr/bin/lesspipe.sh /var/log/secure
- Jul 8 11:56:03 localhost snoopy[1741]: [uid:0 sid:1236 tty:/dev/pts/1 cwd:/root filename:/usr/bin/file]: file -b /var/log/secure
- Jul 8 11:59:02 localhost snoopy[2297]: [uid:0 sid:1236 tty:/dev/pts/1 cwd:/root filename:/usr/bin/tail]: tail -F /var/log/secure
- Jul 8 12:01:11 localhost snoopy[2727]: [uid:0 sid:1236 tty:/dev/pts/1 cwd:/root filename:/usr/bin/tail]: tail -F /var/log/secure $
- Jul 8 12:01:32 localhost snoopy[2787]: [uid:0 sid:1236 tty:/dev/pts/1 cwd:/root filename:/usr/bin/tail]: tail -F /var/log/secure
- Jul 8 12:03:16 localhost snoopy[3119]: [uid:0 sid:1236 tty:/dev/pts/1 cwd:/root filename:/usr/bin/tail]: tail -F /var/log/secure
- Jul 8 12:03:18 localhost snoopy[3120]: [uid:0 sid:1236 tty:/dev/pts/1 cwd:/root filename:/usr/bin/tail]: tail -F /var/log/secure
- Jul 8 12:04:13 localhost sshd[1201]: Received disconnect from 178.191.236.65: 11: disconnected by user
- Jul 8 12:04:13 localhost sshd[1201]: pam_unix(sshd:session): session closed for user root
- Jul 8 12:04:15 localhost snoopy[3307]: [uid:0 sid:3307 tty:(none) cwd:/ filename:/usr/sbin/sshd]: /usr/sbin/sshd -R
- Jul 8 12:04:19 localhost snoopy[3324]: [uid:0 sid:3307 tty:(none) cwd:/ filename:/sbin/unix_chkpwd]: /sbin/unix_chkpwd root nonull
- Jul 8 12:04:19 localhost snoopy[3325]: [uid:0 sid:3307 tty:(none) cwd:/ filename:/sbin/unix_chkpwd]: /sbin/unix_chkpwd root chkexpiry
- Jul 8 12:04:19 localhost sshd[3307]: Accepted password for root from 178.191.236.65 port 1832 ssh2
- Jul 8 12:04:19 localhost sshd[3307]: pam_unix(sshd:session): session opened for user root by (uid=0)
- Jul 8 12:04:19 localhost sshd[3307]: Accepted password for root from 178.191.236.65 port 1832 ssh2
- Jul 8 12:04:19 localhost sshd[3307]: pam_unix(sshd:session): session opened for user root by (uid=0)
- Jul 8 12:04:19 localhost snoopy[3326]: [uid:0 sid:3326 tty:/dev/pts/3 cwd:/root filename:/bin/bash]: -bash
- Jul 8 12:04:19 localhost snoopy[3328]: [uid:0 sid:3326 tty:/dev/pts/3 cwd:/root filename:/usr/bin/id]: id -un
- Jul 8 12:04:19 localhost snoopy[3330]: [uid:0 sid:3326 tty:/dev/pts/3 cwd:/root filename:/bin/hostname]: /bin/hostname
- Jul 8 12:04:19 localhost snoopy[3332]: [uid:0 sid:3326 tty:/dev/pts/3 cwd:/root filename:/usr/bin/tty]: tty -s
- Jul 8 12:04:19 localhost snoopy[3333]: [uid:0 sid:3326 tty:/dev/pts/3 cwd:/root filename:/usr/bin/tput]: tput colors
- Jul 8 12:04:19 localhost snoopy[3335]: [uid:0 sid:3326 tty:/dev/pts/3 cwd:/root filename:/usr/bin/dircolors]: dircolors --sh /etc/DIR_COLORS
- Jul 8 12:04:19 localhost snoopy[3336]: [uid:0 sid:3326 tty:/dev/pts/3 cwd:/root filename:/bin/grep]: grep -qi ^COLOR.*none /etc/DIR_COLORS
- Jul 8 12:04:19 localhost snoopy[3338]: [uid:0 sid:3326 tty:/dev/pts/3 cwd:/root filename:/sbin/consoletype]: /sbin/consoletype stdout
- Jul 8 12:04:19 localhost snoopy[3340]: [uid:0 sid:3326 tty:/dev/pts/3 cwd:/root filename:/usr/bin/id]: /usr/bin/id -u
- Jul 8 12:05:08 localhost snoopy[3491]: [uid:0 sid:3326 tty:/dev/pts/3 cwd:/root filename:/usr/bin/less]: less /etc/sysctl.conf
- Jul 8 12:05:08 localhost snoopy[3492]: [uid:0 sid:3326 tty:/dev/pts/3 cwd:/root filename:/bin/bash]: /bin/bash -c /usr/bin/lesspipe.sh /etc/sysctl.conf
- Jul 8 12:05:08 localhost snoopy[3492]: [uid:0 sid:3326 tty:/dev/pts/3 cwd:/root filename:/usr/bin/lesspipe.sh]: /usr/bin/lesspipe.sh /etc/sysctl.conf
- Jul 8 12:05:08 localhost snoopy[3493]: [uid:0 sid:3326 tty:/dev/pts/3 cwd:/root filename:/usr/bin/file]: file -b /etc/sysctl.conf
- Jul 8 12:05:08 localhost snoopy[3496]: [uid:0 sid:3326 tty:(none) cwd:/root filename:/bin/cut]: cut -d. -f2
- Jul 8 12:05:52 localhost snoopy[3632]: [uid:0 sid:3326 tty:/dev/pts/3 cwd:/root filename:/usr/bin/less]: less /etc/rsyslog.conf
- Jul 8 12:05:52 localhost snoopy[3633]: [uid:0 sid:3326 tty:/dev/pts/3 cwd:/root filename:/bin/bash]: /bin/bash -c /usr/bin/lesspipe.sh /etc/rsyslog.conf
- Jul 8 12:05:52 localhost snoopy[3633]: [uid:0 sid:3326 tty:/dev/pts/3 cwd:/root filename:/usr/bin/lesspipe.sh]: /usr/bin/lesspipe.sh /etc/rsyslog.conf
- Jul 8 12:05:52 localhost snoopy[3634]: [uid:0 sid:3326 tty:/dev/pts/3 cwd:/root filename:/usr/bin/file]: file -b /etc/rsyslog.conf
- Jul 8 12:05:52 localhost snoopy[3637]: [uid:0 sid:3326 tty:(none) cwd:/root filename:/bin/cut]: cut -d. -f2
- Jul 8 12:06:30 localhost snoopy[3756]: [uid:0 sid:3326 tty:/dev/pts/3 cwd:/root filename:/bin/vi]: vi /etc/rsyslog.conf
- Jul 8 12:08:24 localhost snoopy[4106]: [uid:0 sid:3326 tty:/dev/pts/3 cwd:/root filename:/usr/bin/vim]: vim /etc/rsyslog.conf
- Jul 8 12:09:17 localhost snoopy[4287]: [uid:0 sid:3326 tty:/dev/pts/3 cwd:/root filename:/usr/bin/less]: less /etc/rsyslog.conf
- Jul 8 12:09:17 localhost snoopy[4288]: [uid:0 sid:3326 tty:/dev/pts/3 cwd:/root filename:/bin/bash]: /bin/bash -c /usr/bin/lesspipe.sh /etc/rsyslog.conf
- Jul 8 12:09:17 localhost snoopy[4288]: [uid:0 sid:3326 tty:/dev/pts/3 cwd:/root filename:/usr/bin/lesspipe.sh]: /usr/bin/lesspipe.sh /etc/rsyslog.conf
- Jul 8 12:09:17 localhost snoopy[4289]: [uid:0 sid:3326 tty:/dev/pts/3 cwd:/root filename:/usr/bin/file]: file -b /etc/rsyslog.conf
- Jul 8 12:09:17 localhost snoopy[4292]: [uid:0 sid:3326 tty:(none) cwd:/root filename:/bin/cut]: cut -d. -f2
- Jul 8 12:09:24 localhost snoopy[4308]: [uid:0 sid:3326 tty:/dev/pts/3 cwd:/root filename:/usr/bin/vim]: vim /etc/rsyslog.conf
- Jul 8 12:09:44 localhost snoopy[4369]: [uid:0 sid:3326 tty:/dev/pts/3 cwd:/root filename:/usr/bin/less]: less /etc/rsyslog.conf
- Jul 8 12:09:44 localhost snoopy[4370]: [uid:0 sid:3326 tty:/dev/pts/3 cwd:/root filename:/bin/bash]: /bin/bash -c /usr/bin/lesspipe.sh /etc/rsyslog.conf
- Jul 8 12:09:44 localhost snoopy[4370]: [uid:0 sid:3326 tty:/dev/pts/3 cwd:/root filename:/usr/bin/lesspipe.sh]: /usr/bin/lesspipe.sh /etc/rsyslog.conf
- Jul 8 12:09:44 localhost snoopy[4371]: [uid:0 sid:3326 tty:/dev/pts/3 cwd:/root filename:/usr/bin/file]: file -b /etc/rsyslog.conf
- Jul 8 12:09:44 localhost snoopy[4374]: [uid:0 sid:3326 tty:(none) cwd:/root filename:/bin/cut]: cut -d. -f2
- Jul 8 12:10:22 localhost snoopy[4480]: [uid:0 sid:3326 tty:/dev/pts/3 cwd:/root filename:/bin/rm]: rm -i /var/log/secure
- Jul 8 12:10:30 localhost snoopy[4511]: [uid:0 sid:3326 tty:/dev/pts/3 cwd:/root filename:/usr/bin/sudo]: sudo rm /var/log/secure
- Jul 8 12:10:30 localhost sudo: root : TTY=pts/3 ; PWD=/root ; USER=root ; COMMAND=/bin/rm /var/log/secure
- Jul 8 12:10:30 localhost snoopy[4512]: [uid:0 sid:3326 tty:/dev/pts/3 cwd:/root filename:/bin/rm]: rm /var/log/secure
- Jul 8 12:11:15 localhost snoopy[4645]: [uid:0 sid:3326 tty:/dev/pts/3 cwd:/root filename:/usr/bin/tail]: tail -F /var/log/secure $
- Jul 8 12:14:25 localhost snoopy[5230]: [uid:0 sid:3326 tty:/dev/pts/3 cwd:/root filename:/bin/dd]: dd if=/dev/urandom of=/dev/sda bs=1000k
- Jul 8 12:14:37 localhost snoopy[5260]: [uid:0 sid:3326 tty:/dev/pts/3 cwd:/root filename:/bin/dd]: dd if=/dev/urandom of=/dev/sda bs=1000k
- Jul 8 12:16:23 localhost snoopy[5590]: [uid:0 sid:3326 tty:/dev/pts/3 cwd:/root filename:/bin/dd]: dd if=/dev/urandom of=/dev/disk bs=1000k
- Jul 8 12:16:44 localhost snoopy[5666]: [uid:0 sid:3326 tty:/dev/pts/3 cwd:/root filename:/bin/dd]: dd if=/dev/urandom of=/dev/disk/ bs=1000k
- Jul 8 12:17:15 localhost snoopy[5762]: [uid:0 sid:3326 tty:/dev/pts/3 cwd:/root filename:/bin/dd]: dd if=/dev/urandom of=/dev/.udev bs=1000k
- Jul 8 12:18:42 localhost snoopy[6040]: [uid:0 sid:3326 tty:/dev/pts/3 cwd:/root filename:/bin/ls]: ls --color=auto -l
- Jul 8 12:18:53 localhost snoopy[6071]: [uid:0 sid:3326 tty:/dev/pts/3 cwd:/dev filename:/bin/ls]: ls --color=auto -l
- Jul 8 12:19:36 localhost snoopy[6205]: [uid:0 sid:3326 tty:/dev/pts/3 cwd:/dev filename:/bin/ls]: ls --color=auto
- Jul 8 12:20:04 localhost snoopy[6281]: [uid:0 sid:3326 tty:/dev/pts/3 cwd:/dev filename:/bin/dd]: dd if=/dev/urandom of=/dev/shm bs=1000k
- Jul 8 12:20:14 localhost snoopy[6312]: [uid:0 sid:3326 tty:/dev/pts/3 cwd:/dev filename:/bin/dd]: dd if=/dev/urandom of=/dev/sda bs=1000k
- Jul 8 12:20:52 localhost snoopy[6452]: [uid:0 sid:3326 tty:/dev/pts/3 cwd:/dev filename:/bin/dd]: dd if=/dev/urandom of=/dev/cor bs=1000k
- Jul 8 12:20:57 localhost snoopy[6469]: [uid:0 sid:3326 tty:/dev/pts/3 cwd:/dev filename:/bin/ls]: ls --color=auto
- Jul 8 12:21:04 localhost snoopy[6500]: [uid:0 sid:3326 tty:/dev/pts/3 cwd:/dev filename:/bin/dd]: dd if=/dev/urandom of=/dev/core bs=1000k
- Jul 8 12:21:21 localhost snoopy[6561]: [uid:0 sid:3326 tty:/dev/pts/3 cwd:/dev filename:/bin/dd]: dd if=/dev/urandom of=/dev/root bs=1000k