wtmp

The utmp file can be manipulated with the fwtmp command. 1.check the last modification time of the /etc/utmp file ls -l /etc/utmp -rw-r–r– 1 root root 1620 Jun 28 09:22 /etc/utmp 2.convert the binary /etc/utmp file to ascii : /usr/sbin/acct/fwtmp /tmp/utmp.ascii 3.edit the /tmp/utmp.ascii file to remove the old entries Note : the entries are […]