[Courses] [courses][security] what logs?
David Merrill
david at lupercalia.net
Wed Mar 27 17:24:00 EST 2002
On Tue, Mar 26, 2002 at 06:15:05PM +0100, Jillian-Beth Stamos-Kaschke wrote:
> Hi there,
>
> On Tue, Mar 26, 2002 at 05:05:54PM +0100, Hamster wrote:
>
> > While reading through various security related articles, and even some posts on our security course, I have seen numerous examples of people saying something like "I can see in our logs that we are getting scanned x times a day".
> >
> > I feel a bit silly asking this, but what logs are they referring to?
>
> Your system's logs, which are usually in /var/log/ .
> The name of the logfile can differ; for example SuSE logs
> everything in /var/log/messages (I think), whereas Debian uses
> /var/log/syslog (/var/log/messages exists on Debian systems,
> it just has a different function).
I installed and configured logcheck this week, and it is sweet. now I
get an hourly mail from it giving me any suspicious-looking activity
found in the logs. Already I don't know how I got by without it!
--
David C. Merrill http://www.lupercalia.net
Linux Documentation Project david at lupercalia.net
Lead Developer http://www.linuxdoc.org
To the cross roads I must go
To find a world unseen
Fear and wonder will I know,
And be a bridge between
-- To the Crossroads, Starhawk
More information about the Courses
mailing list