> Hello folks,
>
> I'm pretty new to OpenBSD and BSD in general, but I have an OpenBSD
> Syslog server up and receiving data. I'd like to have the system be
> pretty secure, and I'd like to monitor its security via a simple script
> that runs daily.
>
> Here's what I have in the script at the present time:
>
> { uptime ; date ; who ; ps -al ; cat /var/log/adduser ; cat
> /var/log/authlog ; cat /var/log/messages ; cat /var/log/secure ; cat
> /var/log/router ; } > daily-log.txt
>
> Can some of you BSD pro's out there recommend some additions or changes
> or other things that should be checked to help ensure the system isn't
> compromised?
>
> Is there a way to see who has logged into the system over a given period
> for example? Who only tells me who's logged in when the command is run.
>
> My sincere apologies if this isn't the right list for this query.
> Please direct me to the proper are if that's the case.
>
> Thanks!
>
> Ted
I'm hardly a BSD pro, but I'd encourage you to read the man pages for
daily(8) and security(8) if you haven't already done so.
--
Joe Gidi
[email protected]
