I'm a root user on my server. There are a bunch of users on my system.
As you know, when you type w
you can see who is and who isn't online. With the last
command you can check last users who were logged in to your system, according to /var/log/wtmp
path.
Is there any way to stop all logging throughout the system for a specific user?
I know we can do like cat /dev/null > /var/log/wtmp
, but this action removes all of the logs.
It can be done by rootkits
like vlany
, but how we can do it without them, I mean with commands?