Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


Weird content at .bash_history
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

Weird content at .bash_history

Recently i check my root .bash_history contain #

1470972489

1470972513

cd

1470972515

rkhunter

1470972524

w

1470972530

rkhunter --check

and everyday increase the number, is it normal ? i'm running centos 6

Thank you

Comments

  • NekkiNekki Veteran

    Holy shit, Rick Hunter?

    Thanked by 3hostdare Amitz Lunar
  • MakenaiMakenai Member
    edited August 2016

    It is the UNIX timestamp of the time when the command was executed.
    https://en.wikipedia.org/wiki/Unix_time

    Sorry for ruining everyones oppurtunity to troll

    Thanked by 1Verelox
  • hostdarehostdare Member, Patron Provider

    what is rick doing here ? asking for that number of IPs ?

  • @Makenai is correct, they are the UNIX timestamps. You can convert them to human readable format by running date -d @[timestamp here]. You can also use the command history to show the commands and the time they were executed.

    (I assume you have the variable HISTTIMEFORMAT exported, as these timestamps do not show by default unless I export that variable in my experience: i.e export HISTTIMEFORMAT="%d/%m/%y %T ")

  • rkhunter is a toolkit that looks for rootkits on your container. It might be part of the host's automated security checks. Who is your host?

  • Linux uses Epoch time, this is the number of seconds since 1/1/1970. Nothing to worry about with this bash history.

    http://www.epochconverter.com/
    1470972530 = Fri, 12 Aug 2016 03:28:50 GMT

    You may wish to consider locking down your exposed services just for piece of mind.
    https://wiki.centos.org/HowTos/Network/SecuringSSH
    fail2ban - Monitors logins to services such as FTP, SSH - Requires a little bit of setup in config but it's relatively painless.
    iptables or CSF http://configserver.com/cp/csf.html

  • NekkiNekki Veteran

    seanho said: rkhunter is a toolkit

    NEVER refer to Rick Hunter as a tool. Yeah, he wasn't as cool as Max Sterling or Roy Fokker, but he was still fucking cool.

    Thanked by 1doghouch
  • @Nekki said:

    seanho said: rkhunter is a toolkit

    NEVER refer to Rick Hunter as a tool. Yeah, he wasn't as cool as Max Sterling or Roy Fokker, but he was still fucking cool.

    To be honest, this place is pretty boring without him.

Sign In or Register to comment.