1 |
> > On 21 Dec 2005, at 12:32, Gavin Seddon wrote: |
2 |
> > > I have been looking in '/var/log' for users logging on. The files and |
3 |
> > > directories in there are fastidiously organised (to say the least). |
4 |
> > > Better than usual UNIX distros. What is the best place to look for |
5 |
> > > logins/hacks. |
6 |
You should take a look at |
7 |
http://www.gentoo.org/doc/en/security/security-handbook.xml. It has some |
8 |
great information on securing your install, from pyhsical security to |
9 |
logging all activity and everything inbetween. I would recommend setting |
10 |
up logsentry (see section 3. Logging) which is a tool that parses the log |
11 |
files and then emails you with unusual events. It takes a little tweaking |
12 |
to get it working good with metalog, but is very useful once it's setup. |
13 |
|
14 |
I see you next thread is on firewalls, and that is addressed in the |
15 |
security handbook too. |
16 |
|
17 |
Brett |
18 |
-- |
19 |
gentoo-amd64@g.o mailing list |