Delete the bounce and “Password Authentication Accepted” logs.

Originally posted by simtom1500:

Delete the bounce and “Password Authentication Accepted” logs.

ok thanks

You can delete almost anything you want, what you MUST NOT delete is the current log in message. Because when you log out, a log-out message will be written that you can't delete (because you already logged out), putting up a huge, tell-tale sign to any admin that something's fishy.

NEVER delete your current log-in log!

I have always deleted everything related to the hack connection, even though I knew there will be a disconnect entry added after that might be suspicious. However, it doesn't seem to matter, and is actually appears to be a design oversight.

Since you can't remove the entry that will be placed after you've disconnected, you'll always leave a starting point for an offline trace, at which point you're better off not bothering with deleting anything there at all time wise, and just delete the routing log somewhere on the route you used. And this is true for any kind of access, even when you delete routing logs. You'd then have to go back deleting the routing for that connection, and then for that connection, and so on, because you always leave a logon/disconnect pair on the system you've hacked which should raise the question of who logged in at that time, why and where from. Except it doesn't matter because you don't get caught for leaving inconsistent log entries behind, as long as you break the route you used for access.