Re: various files in /var/log, what are they?
From: Noi (noi_at_siam.com)
Date: 10/03/03
- Next message: Flip: "Re: various files in /var/log, what are they?"
- Previous message: Gabci: "Re: Undelete"
- In reply to: Flip: "various files in /var/log, what are they?"
- Next in thread: Flip: "Re: various files in /var/log, what are they?"
- Reply: Flip: "Re: various files in /var/log, what are they?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Fri, 03 Oct 2003 13:37:44 GMT
On Thu, 02 Oct 2003 09:23:35 -0400, without thinking wrote:
> I see various files in my /var/log directory. Some are called messages,
> messages.1, lastlog (which is huge). Are the *.1 files older ones? The
> backups? The active ones? Is there a standard type of message that goes
> into the message file?
>
> I'm trying to identify when something "funny" is happening to my server,
> like the tell tale signs of an attack, etc.
>
> Thanks.
You should look into an intrusion detection system. RH7.2 installed
Tripwire by default which would send email to root when changes occurred
to watched files. It's time consuming to set up but it does track file
changes. Otherwise you could set up a your own cron jobs to find files or grep
log files.
- Next message: Flip: "Re: various files in /var/log, what are they?"
- Previous message: Gabci: "Re: Undelete"
- In reply to: Flip: "various files in /var/log, what are they?"
- Next in thread: Flip: "Re: various files in /var/log, what are they?"
- Reply: Flip: "Re: various files in /var/log, what are they?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
