By: Silvio Cesare, 6th May, 1997
chkwtmp is an intrusion detection analyzer for the wtmp logfile on systems
running the Linux OS.
SYNOPSIS
Usage: chkwtmp [options]
-w wtmp wtmp filename
-t Print unformatted timestamps
DESCRIPTION
chkwtmp is able to log most of the typical zap wtmp utilities (everything
i've seen). The typical zap program relies on using only the current
session logs and does no furthur processing after session completion, even
though the wtmp logs have init logs logout entries.
Silvio Cesare, <silvio@rocknet.net.au>
ftp://ftp.rocknet.net.au/pub/silvio/