next message in archive
next message in thread
previous message in archive
previous message in thread
Index of Subjects
Index of Subjects This message is in MIME format. The first part should be readable text, while the remaining parts are likely unreadable without MIME-aware tools. Send mail to mime@docserver.cac.washington.edu for more info. ---812771576-1144114059-927057188=:18779 Content-Type: TEXT/PLAIN; charset=US-ASCII On Tue, 18 May 1999, David L. Potter wrote: > My guess is that they're orphaned/defunct processes that have died for > some reason... > > Is there a pattern... > - time of day the sessions start > - remote host...? There is a definate pattern. See attached file. > You should be able to find the session in the output of `last` which > should show the original tty. Well, the last guest before this one was on tty01 which was used by someone else minutes later. Very interesting. The first occurance (this month) shows: guest tty?? elrond Fri May 14 00:30 - 17:53 (2+17:23) After that it looks like tty?? was continuously connected. Bizzare. I've attached the output of: 'last guest | grep tty??'. > If the sessions is truly orphaned I think you can just leave it unless > it's making a nuisance of itself in some way. It just shows silly who output. "27/6 dialup connection(s) in use." I hope. Is there any chance this is the symptom of some kind of break-in? Cheers, David. David M. Lott System Administrator P.G. Free-Net www.pgfn.bc.ca Prince George, BC, Canada. ---812771576-1144114059-927057188=:18779 Content-Type: TEXT/PLAIN; charset=US-ASCII; name=guest Content-Transfer-Encoding: BASE64 Content-ID: <Pine.LNX.3.96.990518125308.18779D@strider.pgfn.bc.ca> Content-Description: Z3Vlc3QgICAgdHR5Pz8gICAgICAgIGVscm9uZCAgICAgICAgICAgTW9uIE1h eSAxNyAwODoxMSAgIHN0aWxsIGxvZ2dlZCBpbg0KZ3Vlc3QgICAgdHR5Pz8g ICAgICAgIGVscm9uZCAgICAgICAgICAgTW9uIE1heSAxNyAwNzoyNCAtIDA4 OjExICAoMDA6NDYpDQpndWVzdCAgICB0dHk/PyAgICAgICAgZWxyb25kICAg ICAgICAgICBNb24gTWF5IDE3IDAwOjI3IC0gMDc6MjQgICgwNjo1NikNCmd1 ZXN0ICAgIHR0eT8/ICAgICAgICBlbHJvbmQgICAgICAgICAgIE1vbiBNYXkg MTcgMDA6MTUgLSAwMDoyNyAgKDAwOjExKQ0KZ3Vlc3QgICAgdHR5Pz8gICAg ICAgIGVscm9uZCAgICAgICAgICAgU3VuIE1heSAxNiAyMzo0NiAtIDAwOjE1 ICAoMDA6MjkpDQpndWVzdCAgICB0dHk/PyAgICAgICAgZWxyb25kICAgICAg ICAgICBTdW4gTWF5IDE2IDIzOjQ1IC0gMjM6NDYgICgwMDowMSkNCmd1ZXN0 ICAgIHR0eT8/ICAgICAgICBlbHJvbmQgICAgICAgICAgIFN1biBNYXkgMTYg MjM6MjkgLSAyMzo0NSAgKDAwOjE1KQ0KZ3Vlc3QgICAgdHR5Pz8gICAgICAg IGVscm9uZCAgICAgICAgICAgU3VuIE1heSAxNiAyMzowOSAtIDIzOjI5ICAo MDA6MTkpDQpndWVzdCAgICB0dHk/PyAgICAgICAgZWxyb25kICAgICAgICAg ICBTdW4gTWF5IDE2IDIyOjQzIC0gMjM6MDkgICgwMDoyNikNCmd1ZXN0ICAg IHR0eT8/ICAgICAgICBlbHJvbmQgICAgICAgICAgIFN1biBNYXkgMTYgMjE6 MzEgLSAyMjo0MyAgKDAxOjExKQ0KZ3Vlc3QgICAgdHR5Pz8gICAgICAgIGVs cm9uZCAgICAgICAgICAgU3VuIE1heSAxNiAyMDo1NSAtIDIxOjMxICAoMDA6 MzUpDQpndWVzdCAgICB0dHk/PyAgICAgICAgZWxyb25kICAgICAgICAgICBT dW4gTWF5IDE2IDE5OjQ1IC0gMjA6NTUgICgwMToxMCkNCmd1ZXN0ICAgIHR0 eT8/ICAgICAgICBlbHJvbmQgICAgICAgICAgIFN1biBNYXkgMTYgMTk6NDEg LSAxOTo0NSAgKDAwOjAzKQ0KZ3Vlc3QgICAgdHR5Pz8gICAgICAgIGVscm9u ZCAgICAgICAgICAgU3VuIE1heSAxNiAxOTozNSAtIDE5OjQxICAoMDA6MDUp DQpndWVzdCAgICB0dHk/PyAgICAgICAgZWxyb25kICAgICAgICAgICBTdW4g TWF5IDE2IDE4OjU2IC0gMTk6MzUgICgwMDozOSkNCmd1ZXN0ICAgIHR0eT8/ ICAgICAgICBlbHJvbmQgICAgICAgICAgIFN1biBNYXkgMTYgMTg6MzAgLSAx ODo1NiAgKDAwOjI2KQ0KZ3Vlc3QgICAgdHR5Pz8gICAgICAgIGVscm9uZCAg ICAgICAgICAgU3VuIE1heSAxNiAxODoyMSAtIDE4OjMwICAoMDA6MDgpDQpn dWVzdCAgICB0dHk/PyAgICAgICAgZWxyb25kICAgICAgICAgICBTdW4gTWF5 IDE2IDE4OjExIC0gMTg6MjEgICgwMDowOSkNCmd1ZXN0ICAgIHR0eT8/ICAg ICAgICBlbHJvbmQgICAgICAgICAgIFN1biBNYXkgMTYgMTc6NTggLSAxODox MSAgKDAwOjEyKQ0KZ3Vlc3QgICAgdHR5Pz8gICAgICAgIGVscm9uZCAgICAg ICAgICAgU3VuIE1heSAxNiAxNzo1NyAtIDE3OjU4ICAoMDA6MDEpDQpndWVz dCAgICB0dHk/PyAgICAgICAgZWxyb25kICAgICAgICAgICBTdW4gTWF5IDE2 IDE3OjU2IC0gMTc6NTcgICgwMDowMCkNCmd1ZXN0ICAgIHR0eT8/ICAgICAg ICBlbHJvbmQgICAgICAgICAgIFN1biBNYXkgMTYgMTc6NTQgLSAxNzo1NiAg KDAwOjAyKQ0KZ3Vlc3QgICAgdHR5Pz8gICAgICAgIGVscm9uZCAgICAgICAg ICAgU3VuIE1heSAxNiAxNzo1MyAtIDE3OjU0ICAoMDA6MDEpDQpndWVzdCAg ICB0dHk/PyAgICAgICAgZWxyb25kICAgICAgICAgICBGcmkgTWF5IDE0IDAw OjMwIC0gMTc6NTMgKDIrMTc6MjMpDQo= ---812771576-1144114059-927057188=:18779--
next message in archive
next message in thread
previous message in archive
previous message in thread
Index of Subjects