Hi Max Max wrote: > We're quite happy to write some analysis > programs (if that's not already been done) > to count answered calls - i.e. if we know > in which file(s) to find what patterns... > > Any leads would be most welcome. Here is a guess on my part. grep "Mar 20" /var/log/messages | grep chat | grep send | less should show you dial attempts on the given date. grep "Mar 20" messages | grep "Connected to site" | less would show show successfull IP address (or not) > > > PS We had a look at some of the logs in /var > (and below), only to find that several seem to /var/log/messages should have what you want > > be very different that what we expected to find; > i.e. for one with time-stamped lines, dates are > out-of-order (it this normal or have they pos- > sibly been scrambled by some intruder?) Dates should be in order. Do you have a bad battery and maybe NTP is resetting clock? Again, just guessing here. Depending on whether you have telnet enabled and password strength you might be hacked. My son was hacked yesterday but he was using RH 7 (not e-smith) with his own firewall rules. Best Regards, Paul Miller