Metropolis: King of Hackers!

Chapter 136 :Fake information! 【Subscribe for subscription】

Because Jamie’s server is often “enthusiastically” cared for by his peers, Jamie has become a habit of checking the server every day, and the time is variable, sometimes boring, and he will check it four or five times a day.

It is this good habit that can ensure the normal operation of the server for a long time, which has frustrated many colleagues who want to make a server idea.

First, Jamie checked if there were any suspicious processes in the system.

“Thank God, I didn’t find any annoying flies.” Usually, Jamie doesn’t dislike other people’s idea of ​​hitting the server, and even has some expectations.

But now, Jamie has a life-long task to do. He prays to God, hoping that there will be no monkeys who don’t open their eyes to mess up at this time, otherwise he must be good-looking.

However, God seemed to be hitting tons at this time and did not hear Jamie’s prayer. 550

Because, the experienced Jamie found a slight anomaly in the system. By checking the log, he found that there was a problem with the log within a few minutes.

Although the intruder modified the log file, deleted his traces of intrusion, and even forged log records according to the format of the log, the veteran Jamie still discovered the unusual.

“He is a great guy!” Jamie said to himself.

The log file is a record file that records various services or software operation in the computer system. It is like a surveillance video in a bank (cdai), which clearly records what happened in the system in the form of text.

After hackers invade the system, they will also leave their own footprints in the log file, as in the form of “a user from a certain ip downloaded a certain file at a certain time, minute and second. Of course, the format of the record may be somewhat different.

Cleaning up one’s own invasion “footprints” is also a very skilled art. The intruder must not only be very clear about which log files exist in the system, but also have to pay attention to many other things.

A rookie generally doesn’t know how to clean his butt, even if he has this consciousness, he often can’t clean it.

After all, it is not easy for a rookie to know how many hidden log files exist in the system, not to mention many people do not have this awareness.

Those who are more technically skilled can find the number and distribution of logs, but they often do it by emptying these logs or partially deleting their own intrusion records-however, this has fallen short.

As long as the administrator knows how to view log files, he can easily find that his machine has been invaded by others, unless he is a fool.

The highest level is not only to clean the “footprints”, but also to forge the “footprints”, so that the records in the log are not only coherent in time, but also required to look authentic in content, which requires the intruder to check the log files. The format is very researched.

Since the amount of recorded information in the log file is usually very large, it is very troublesome to find a suspicious log record, not to mention the effort to identify the authenticity of the record.

The reason why Jamie still found out was because he saw that a user had been downloading a picture file in the server. From a certain moment on, the log records were all generated by the user’s behavior from this ip.

Jamie took a look and found that the user had been downloading for more than two hours, and more than two hundred pictures had been downloaded. .