Gentoo Logo
Gentoo Spaceship




Note: Due to technical difficulties, the Archives are currently not up to date. GMANE provides an alternative service for most mailing lists.
c.f. bug 424647
List Archive: gentoo-amd64
Navigation:
Lists: gentoo-amd64: < Prev By Thread Next > < Prev By Date Next >
Headers:
To: gentoo-amd64@g.o
From: Brett Johnson <brett@...>
Subject: Re: /var/log
Date: Wed, 21 Dec 2005 07:30:42 -0600
> > On 21 Dec 2005, at 12:32, Gavin Seddon wrote:
> > > I have been looking in '/var/log' for users logging on.  The files and
> > > directories in there are fastidiously organised (to say the least).
> > > Better than usual UNIX distros.  What is the best place to look for
> > > logins/hacks.
You should take a look at
http://www.gentoo.org/doc/en/security/security-handbook.xml. It has some
great information on securing your install, from pyhsical security to
logging all activity and everything inbetween. I would recommend setting
up logsentry (see section 3. Logging) which is a tool that parses the log
files and then emails you with unusual events.  It takes a little tweaking
to get it working good with metalog, but is very useful once it's setup.

I see you next thread is on firewalls, and that is addressed in the
security handbook too.

Brett
-- 
gentoo-amd64@g.o mailing list


References:
/var/log
-- Gavin Seddon
Re: /var/log
-- Craig Webster
Re: /var/log
-- Gavin Seddon
Navigation:
Lists: gentoo-amd64: < Prev By Thread Next > < Prev By Date Next >
Previous by thread:
Re: /var/log
Next by thread:
Re: /var/log
Previous by date:
Re: Problems getting started
Next by date:
Re: firewall


Updated Jun 17, 2009

Summary: Archive of the gentoo-amd64 mailing list.

Donate to support our development efforts.

Copyright 2001-2013 Gentoo Foundation, Inc. Questions, Comments? Contact us.