Hello folks,
I'm pretty new to OpenBSD and BSD in general, but I have an OpenBSD
Syslog server up and receiving data. I'd like to have the system be
pretty secure, and I'd like to monitor its security via a simple script
that runs daily.
Here's what I have in the script at the present time:
{
  uptime
  date
  who
  ps -al
  cat /var/log/adduser
  cat /var/log/authlog
  cat /var/log/messages
  cat /var/log/secure
  cat /var/log/router
} > daily-log.txt
Can some of you BSD pros out there recommend some additions or changes
or other things that should be checked to help ensure the system isn't
compromised?
Is there a way to see who has logged into the system over a given period,
for example? Who only tells me who's logged in when the command is run.
My sincere apologies if this isn't the right list for this query.
Please direct me to the proper area if that's the case.
Thanks!
Ted