smirc -- i only use linux for routing and serving purposes...
of course i would like it to be secure, but im still very new to the OS...
I installed tripwire a while back and the following files have been updated:

"/var/log/ksyms.1"
"/var/log/ksyms.0" -- these 2 were added

"/var/lock/subsys/syslog"
"/var/run/klogd.pid"
"/etc/sysconfig/hwconf" -- these were all edited, i read through them, didn't see anything blatant

"/etc/rc.d/rc.local" --this i edited

"/dev/log"
"/root"
"/root/.mysql_history" -- /dev/log and /root/.mysql_history modified


There is no damage done (notciable) and ssh tells me the last user to login in was from 1969, then leaves the IP blank. (I ssh'ed disconnected and connected again,