Security :: Detect File Deletion On An Operating System And Trace The File History Or Activity?
Oct 19, 2010
i am investigating on solutions to trace a file deletion on a computer( Linux O/S).i also need to determine weither after a file deletion or download on a computer, the computer clock had not been modified. In case a file has been downloaded on a computer and then transferred to a removable device, i need to find out the file activity. i mean i should be able to tell that the file was downloaded and transferred to a device with possible specifications.
View 2 Replies
ADVERTISEMENT
May 19, 2010
I see these activities logged on a fairly regular basis in /var/log/auth.log and was wondering if this is normal activity?
firefox: gethostby*.getanswer: asked for "ftp.cs.rose-hulman.edu IN A", got type "DNAME"
The format is always the same, though sometimes the address is a regular Internet site.
View 9 Replies
View Related
Jul 11, 2010
I'm only just starting out with the Linux ubunto 10.04 OS after yeas of wasted time on Microsoft os's,I hope I'm posting this request for help in the right forum thread, if not please accept my apologies, I have tried searching everywhere for help in installing a firmware file into the File System / lib / firmware directory and each time I get an access denied result. The file is for a DVB board and I have managed to track down the right Linux fw file for this particular piece of equipment, Could some kind helpful person either explain how to get this firmware file into the Root System directory or even send a link to another site that deals with this sort of problemI've downloaded all the programs via the Ubuntu Software Center that should be able to perform this task however all to no avail.The reason why I posted this thread in this forum board is that it (in my own personal opinion which may be wrong) seems to me to be a security problem
View 1 Replies
View Related
Oct 27, 2010
The configuration default in Gnome power manager has changed and now I can't access anything but, the log in menu. I made a post about it but, no reply. Now I ask anyone if there is a way I can retrieve my files or fix the power manager config files.I tried to reinstal ubunto but, it only alow me to installed on another partition and booth on either one. I don't think that will work. I tried to use ubunto on a stick but, it does not accept me signing in with the same password (too short). I would apreciate any suggestions to get my files back. Compiuter is a laptop HP MINI 210-1054TU software ubunto 10.4 latest
View 5 Replies
View Related
Mar 13, 2009
I want to develop file recovery software of linux operating system guide me how it will possible or how i should start.
View 2 Replies
View Related
Apr 1, 2011
At work I'm using a windows box with local and network drives. One of drives I have mapped is my Linux home directory (We have separate windows and linux accounts and home directories here). When I view it from windows, all of the files and folders beginning with . are shown, as would be expected. (Although . and .. aren't in any folder)
Just wondering if there is a way to tell windows to not show anything starting with a dot. I was hoping there's a registry entry or something that defines what a 'protected operating system file' is, so I could put dot files in the same category as thumbs.db etc.
View 1 Replies
View Related
Mar 5, 2010
I need to trace/track email activity in my ubuntu server, normal i use this command tail -f /var/log/mail/mail.log, more or less. But the problem i am facing is that it take a long time to go through the entire log as my server recieves thousands of emails per day. is the a code that i can use to search email in the log, for instance need to find perfectpol@mycompany.com in the mail log.
Secondly; if there is an email that is blocking others on the queue how can it be remove or forced to go the mailbox. or to view its contents in order to decide whether to remove it or not.
Had a problem that are said not arrival or that are delivered as late as a day and sometime 6hours.
View 2 Replies
View Related
Apr 26, 2011
I create the file mytest.txt. Since this process is using this file. if I run this code in background and simply run "rm -rf mytest.txt" than file gets delete. Here is my code
int main()
{
FILE *fp;
fp = fopen ("mytest.txt","wb");
if (NULL == fp)
{
[Code]....
View 7 Replies
View Related
Apr 26, 2011
I create the file mytest.txt. Since this process is using this file. if I run this code in background and simply run "rm -rf mytest.txt" than file gets delete.Please help me how to save this file from other process.Here is my code
int main()
{
FILE *fp;
[code]...
View 9 Replies
View Related
May 6, 2010
1) In our tmpfs /dev/shm we have what seem to be unused/stale files. Can these be safely deleted by using 'rm'.
2) How is the space calculated for tmpfs /dev/shm?
So for instance if we have unused/stale files are these in the calculation of space used? Red Hat Enterprise Linux Server release 5.4 x86_64
Fs Size Used Avail Use% Mounted on
tmpfs 32G 25G 7.9G 76% /dev/shm
View 4 Replies
View Related
Jul 15, 2010
I wanna trace user's command input history. but I dont plan to use "history", "lastcomm" becauze there is not detail of the user command history. if there is some software use to log user command to one file or database, it's suit for me.
View 1 Replies
View Related
Jan 17, 2010
My system started running at 75 % CPU (its normally 20%), so I opened a terminal and looked at 'top', there are many processes running as root, the one thats sucking the CPU is this:'user'- root, 'pid'-2963, 'command'-X. below that there are a few processes of my user account, then alot more 'root' processes.
View 2 Replies
View Related
Dec 15, 2010
I have an auditing problem. I am required to be able to track user account modifications (creates, deletes, password changes, etc.) My team and I implemented auditd 1.7.17 and borrowed an existing rule set from /usr/share/doc/audit-1.7.17/nispom.rules. What we're seeing is that user account activity from the command line is retrievable by doing an 'aureport -m'. However, doing the same through the GUI, 'aureport -m' does not display the activity. So I have two questions:1. Is there another location I should be looking to find the user creation activities when using the GUI?2. Is there a way to make the activity using the GUI be captured in /var/log/audit/audit.log so 'aureport -m' can report it?Someone suggested a PAM configuration change, but was not able to tell me what change to make.
View 3 Replies
View Related
Nov 28, 2010
Ubuntu in Windows 7 (64 bits) File system installed using Wubi I got Ubuntu 10.04 LTS intalled using Wubi. That means Ubuntu resides inside Windows file / folder system. It also means Ubuntu does not have its own partition. Here is what I found out:
1) It cannot detect wireless network unlike Win 7 on this same laptop. However, when I plug in ethernet cable, it was able to detect it. Is there a fix this problem?
2) I cannot see Windows folders. How do access windows folder from Ubuntu side and vice versa?
3) I forgot to set the disk space for Ubuntu during install and I think the default is 17 GB.Would this cause me problems? If so, what do I need to do? How do I expand the disk space for Ubuntu?
View 1 Replies
View Related
Apr 27, 2011
Is there any way to view the any user activity/ commands history and date, time in the system? I look at the /var/log/secure but I can find only the login/ logout attempts and "history" command doesn't come with date/time that the user issue the commands. Any there any best practice to audit the user activities inside the system?
View 9 Replies
View Related
Feb 14, 2010
Does Linux have a way to trace writes to a file?
For each write, I would like to know the time, date, process id, user, file position, byte count, and the data written.
I could use this with a script to replay the writes to a backup of the original file, and reproduce the file contents as they were at a point in time.
View 4 Replies
View Related
Jun 10, 2011
This is a trace-all the files so that you can imagine my trace file format.
Code:
+ 0.1 1 0 cbr 164 ------- 1 1.0 0.0 0 0
- 0.1 1 0 cbr 164 ------- 1 1.0 0.0 0 0
r 0.111312 1 0 cbr 164 ------- 1 1.0 0.0 0 0
[code]....
View 10 Replies
View Related
Jul 28, 2010
Alright, I have a network trace file that I want to parse through.
The file looks like this:
+ 1.002 /NodeList/1/DeviceList/0/$ns3::PointToPointNetDevice/TxQueue/Enqueue ns3::PppHeader (Point-to-Point Protocol: IP (0x0021)) ns3::Ipv4Header (tos 0x0 ttl 62 id 0 protocol 6 offset 0 flags [none] length: 40 10.2.1.1 > 10.1.1.1) ns3::TcpHeader (49153 > 26 [ SYN ] Seq=0 Ack=0 Win=65535)
- 1.002 /NodeList/1/DeviceList/0/$ns3::PointToPointNetDevice/TxQueue/Dequeue ns3::PppHeader (Point-to-Point Protocol: IP (0x0021)) ns3::Ipv4Header (tos 0x0 ttl 62 id 0 protocol 6 offset 0 flags [none] length: 40 10.2.1.1 > 10.1.1.1) ns3::TcpHeader (49153 > 26 [ SYN ] Seq=0 Ack=0 Win=65535)
[Code]....
View 2 Replies
View Related
Sep 10, 2010
I want to create VBR traffic,I created file which contain two 32 bit fields.But When I execute tcl program with this.No pkt transfer is shown.When same program I tried with example-trace ,i saw pkt transfer.Containt of my traffic trace file is as follows :
[Code]...
View 4 Replies
View Related
Mar 22, 2011
how do i plot the trace file into a graph? can any 1 show an example here? just any trace file will do
View 13 Replies
View Related
May 1, 2011
How to plot graphs for trace files generated in ns2 using xgraph and gnuplot.
View 7 Replies
View Related
Mar 16, 2011
Quote:
In this video, Tim Armstrong, a malware researcher at Kaspersky Lab talks with Ryan Naraine about the strengths and weaknesses of the Android operating system. Armstrong looks at strengths and weaknesses of the open-source platform and warns about the risks associated with jailbreaking/rooting Android devices.
View 1 Replies
View Related
May 11, 2011
I need to trace the actions that are performed by my .cshrc file. Is there a command i can use to get a printout of this?
View 3 Replies
View Related
May 27, 2011
when I run a tcl script using ns-2.30 and get a result and run the sam script in ns-2.29 and get an error and run the script file in ns-2.33 and get a result but the output filr (out.tr) is less in size than the output file of ns-2.30 i and also in the details of time scale , for example one out.tr file contains 19000 line (2 M byte size) and the other out.tr file for the same tcl file using the ns-2.33 version contains 10000 lines (1. M byte size) . Does that make since ? also in result file nam file for ns-2.30 it has some drops but the ns-2.33 has no drops! when I run the name !!!. is the time scale for simulation tunable or can be aligned?
View 1 Replies
View Related
Jan 13, 2010
Will a Linux operating system lose data during a power failure as does a Windows operating system?
(If yes.) This has not come up before but I'm going to be doing some work I don't want to lose.
Could you either point me to a backup tutorial or give me the quick overview of preserving stuff with Ubuntu?
View 4 Replies
View Related
Dec 31, 2010
Http://www.breitbart.com/article.php...show_article=1
I just read the above article. Someone in Communist China has found a way to create a virus in the Android operating system. Android is a Linux fork.
It looks as though the virus is quite specific: it only works on certain apps downloaded from Communist China. I'm hoping that the Google Android version of Linux is different enough from the standard Linux it was "forked" off of that it will be of no concern to we desktop Linux users.
Does this mean that we Linux users must begin running anti-virus software as a continuous process now? What is the chance standard distros will be affected?
View 6 Replies
View Related
Jun 5, 2011
A few month ago one of my computers ( hp thin client ) was compromised. I reformatted the harddrives and reinstalled MANDRIVA 2010 .
After a few days I had been prompted at login with a username robert
even if there was no more user robert ( I changed to use rob at new installation )
So I became nervous and formatted again 4x first ext3 than swap than ntfs than
reiserfs. I kept this computer out of network ( used as standalone no LAN no WLAN )
I reformatted all my usb sticks and external hds. And now a few days ago the clou, robert was back again at login !
But there is no user robert in /etc/shadow how to stop him coming back ?
View 14 Replies
View Related
Apr 6, 2010
i have generated .exe file from C file (ie filename.c ) after compiling in linux machine with -O option. I wish to know about how to run that .exe file when linux system starts up ?
View 3 Replies
View Related
May 2, 2010
I bought a new SD card which I intend to put some MP3s on - except that I can't write to it because it tells me the destination is Read Only. No-probs thinks I: I'll just reformat it.
"Error creating file system: helper exited with exit code 1: cannot open /dev/mmcblk0p1: Read-only file system"
Various chmod commands all result in Read-only file system. I tried umount then mount commands, but it couldn't find it to mount once I'd unmounted it using the same /media/ file path (I assume it's the only one).
View 9 Replies
View Related
Jul 12, 2010
My Redhat Enterprise Linux 4 with 6x partitions (/, /boot,/home, /usr, /var, /tmp) of 6.0 GB IDE Hardisk was working quite fine. I decided to create LVM on /home and /var partitions but due to some errors occured and I delete the /home partitions. That's why partition table altered. I then delete 4,5,and 6th partitions (/home, /var, /tmp) partitions and now try to create one by one but following error is coming:-
[Code]....
The Super block could not be read or do not describe a clear ext2 file system. E2fsck b 8193 <device> I have tried following commands,but could not successful:- e2fsck -p /dev/hda7 (where hda7 was created but afterthat it was deleted) e2fsck -a /dev/hda7
View 2 Replies
View Related
