我的網站託管在 Hostgator 的共享伺服器中。
伺服器詳細資訊:
uname -a
Linux xxxx.hostgator.com x.xx.x.x86_64 #1 SMP Fri May 1 18:21:30 CDT 2015 x86_64 x86_64 x86_64 GNU/Linux
我很好奇誰登入了系統,我得到的輸出是:
$ who
me pts/1 Nov 2 14:11 (x.x.x.x) <= That's me
littlebox pts/0 Nov 2 16:54 (186.59.101.53) <= Who is this?
$ w littlebox
18:29:25 up 48 days, 11:46, 2 users, load average: 0.02, 0.00, 0.00
USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT
littlebo pts/0 186.59.101.53 16:54 0.00s 0.00s ? -
我已經檢查過,但沒有看到任何具有該名稱的用戶。因此,沒有 bash 歷史記錄文件來查看所執行的活動(如果有)。託管公司表示他們尚未登入。
我還檢查了最近使用的用戶登入情況last,發現該用戶「littlebox」今天登入了兩次,兩天前登入了一次。
以下是一些看起來可疑的條目。我的用戶/根條目已被刪除。
$ last
littlebo pts/0 186.59.101.53 Mon Nov 2 16:54 - 18:29 (01:35)
littlebo pts/5 186.39.184.11 Mon Nov 2 08:58 - 09:02 (00:04)
littlebo pts/4 190.113.162.226 Mon Nov 2 08:38 - 09:15 (00:36)
gvr pts/0 c-73-24-139-94.h Sun Nov 1 22:31 - 16:07 (17:36)
gvr pts/0 c-73-24-139-94.h Sun Nov 1 00:44 - 14:05 (14:21)
gvr pts/0 c-73-24-139-94.h Fri Oct 30 22:25 - 12:16 (13:50)
inov2 pts/0 99-45-228-199.li Fri Oct 30 21:17 - 21:27 (00:10)
littlebo pts/0 186.59.101.53 Fri Oct 30 16:30 - 16:47 (00:17)
littlebo pts/0 186.59.40.135 Fri Oct 30 14:40 - 15:27 (00:46)
ittlebo pts/1 186.59.55.133 Tue Oct 27 17:37 - 23:05 (05:28)
littlebo pts/0 186.59.55.133 Tue Oct 27 17:04 - 18:38 (01:33)
littlebo pts/0 186.59.55.133 Tue Oct 27 15:35 - 16:53 (01:17)
jarmad pts/0 115.178.250.160 Mon Oct 26 19:31 - 20:09 (00:38)
littlebo pts/0 186.59.108.234 Mon Oct 26 14:45 - 19:00 (04:15)
adzcer pts/1 124.104.204.134 Sat Oct 24 23:18 - 23:43 (00:24)
gvr pts/0 c-73-24-139-94.h Sat Oct 24 11:41 - 11:43 (00:01)
littlebo pts/1 186.59.108.234 Fri Oct 23 18:14 - 18:44 (00:30)
littlebo pts/0 186.59.108.234 Fri Oct 23 17:33 - 19:52 (02:18)
littlebo pts/1 186.59.108.234 Fri Oct 23 15:51 - 16:03 (00:11)
littlebo pts/0 186.59.108.234 Fri Oct 23 15:31 - 15:52 (00:20)
littlebo pts/0 186.59.0.201 Fri Oct 23 15:19 - 15:25 (00:05)
gvr pts/0 c-73-24-139-94.h Fri Oct 23 05:55 - 10:00 (04:04)
littlebo pts/0 186.59.0.201 Thu Oct 22 15:11 - 17:35 (02:24)
gvr pts/0 c-73-24-139-94.h Thu Oct 22 00:33 - 10:23 (09:50)
littlebo pts/0 186.59.121.19 Wed Oct 21 13:17 - 16:35 (03:18)
ramnath pts/0 117.194.37.189 Wed Oct 21 07:55 - 09:28 (01:32)
littlebo pts/0 186.59.121.19 Tue Oct 20 23:40 - 23:45 (00:05)
littlebo pts/0 186.59.121.19 Tue Oct 20 23:33 - 23:35 (00:02)
jarmad pts/0 115.178.236.121 Tue Oct 20 20:20 - 21:17 (00:57)
littlebo pts/0 186.59.121.19 Tue Oct 20 19:10 - 19:16 (00:06)
littlebo pts/0 186.59.121.19 Tue Oct 20 00:26 - 00:28 (00:01)
littlebo pts/0 186.59.121.19 Mon Oct 19 20:34 - 20:40 (00:06)
mcclxvii pts/4 69.80.105.74 Sun Oct 18 13:41 - 13:48 (00:07)
怎麼辦?請幫忙!