On Sun, 8 Jul 2001, Vince McHugh wrote:
> Can you tell me which logs you check on a regular basis ...
It depends on what you care about, and how you have your logging configured.
For example, I like to put a line like this
    *.warn;kern.none    /var/log/errors
in my /etc/syslog.conf file. That way, any malfunction is logged in a
separate file. Depending on your system, that may not be sufficient, or it
may be overly verbose.
> ... or if you think a box has been compromised?
If the machine has been compromised, logs aren't worth very much, because
the attacker may have (and likely has) modified the logs.
> If possible can you give me the exact name and location of the logs (I'm
> running SUSE 7.1 if that changes things).
SuSE, like most Linux distributions, puts its log files in the /var/log/
directory branch. Browse around in there for what you are looking for.
--
Ben Scott <[EMAIL PROTECTED]>
| The opinions expressed in this message are those of the author and do not |
| necessarily represent the views or policy of any other person, entity or |
| organization. All information is provided without warranty of any kind. |
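
An added example, not part of the original message: a small evaluator for the selector "*.warn;kern.none" quoted above, showing which messages reach /var/log/errors and which do not. It assumes plain syslogd selector rules (a priority matches at that level or more severe, "none" excludes a facility) and ignores the sysklogd "=" and "!" prefixes; the sample messages are constructed.

```python
# Added example: evaluate a classic syslog.conf selector such as "*.warn;kern.none".
# Assumption: plain syslogd rules only; the sysklogd "=" and "!" prefixes are not handled.
PRIORITIES = ["emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"]
ALIASES = {"warn": "warning", "error": "err", "panic": "emerg"}
FACILITIES = {"kern", "user", "mail", "daemon", "auth", "syslog", "lpr", "news",
              "uucp", "cron", "authpriv", "ftp"} | {f"local{i}" for i in range(8)}


def severity(name):
    """Numeric severity: 0 is emerg (most severe), 7 is debug."""
    return PRIORITIES.index(ALIASES.get(name, name))  # ValueError if unknown


def parse_selector(selector):
    """Map each facility to its threshold; None means the facility is excluded."""
    rules = {}
    # Parts apply left to right, so "kern.none" overrides the earlier "*".
    for part in selector.split(";"):
        facs, dot, prio = part.strip().partition(".")
        if not dot or not prio:
            raise ValueError(f"malformed selector part: {part!r}")
        threshold = None if prio == "none" else 7 if prio == "*" else severity(prio)
        names = FACILITIES if facs == "*" else set(facs.split(","))
        if names - FACILITIES:
            raise ValueError(f"unknown facility in {part!r}")
        for name in names:
            rules[name] = threshold
    return rules


def matches(selector, facility, priority):
    """True if a message with this facility and priority is selected."""
    threshold = parse_selector(selector).get(facility)
    return threshold is not None and severity(priority) <= threshold


# Constructed sample messages: (facility, priority, text).
SAMPLES = [
    ("daemon", "err", "named: cannot open zone file"),
    ("mail", "warning", "sendmail: queue directory nearly full"),
    ("auth", "info", "login: session opened for user alice"),
    ("kern", "crit", "kernel: I/O error on hda"),
]


def selected(selector, messages=SAMPLES):
    """Return the texts of the messages the selector would log."""
    return [text for fac, prio, text in messages if matches(selector, fac, prio)]
```

Calling selected("*.warn;kern.none") returns only the daemon and mail lines: the auth.info login record and every kernel message, whatever its severity, stay out of that file.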