Differences

This shows you the differences between two versions of the page.

--- hacking:determine_if_your_computer_is_hacked [2020/11/26 22:17] – peter
+++ hacking:determine_if_your_computer_is_hacked [2020/11/26 22:28] (current) – peter
@@ Line 52: / Line 52: @@
 peter    :0           :0               Sat Aug  8 18:54 - down   (03:11)
 reboot   system boot  5.4.0-42-generic Sat Aug  8 18:53 - 22:05  (03:11)
+...
+</code>
+----
+===== Show last command by a user =====
+<code bash>
+tail -n 100 ~/.bash_history
+</code>
+returns:
+<code bash>
+...
+df
+htop
+ip addr
+sudo apt update
+sudo apt upgrade
+systemd-resolve --status
+sudo systemctl restart systemd-resolved
+exit
+...
+</code>
+----
+===== Find System Files that have recently changed =====
+<code bash>
+sudo find /etc /var -mtime -2
+</code>
+returns:
+<code bash>
+...
+/etc
+/etc/apport
+/etc/apport/blacklist.d
+/etc/cron.daily
+/etc/bash_completion.d
+/etc/pm/sleep.d
+/etc/grub.d
+/etc/default
+/etc/default/grub
+/etc/default/grub.d
+/etc/systemd/system
 ...
 </code>