On Tue, Apr 14, 2009 at 3:28 PM, LeRoy, Ted <tle...@lsisolutions.com> wrote:
> Hello folks,
>
> I'm pretty new to OpenBSD and BSD in general, but I have an OpenBSD
> Syslog server up and receiving data. I'd like to have the system be
> pretty secure, and I'd like to monitor its security via a simple script
> that runs daily.
>
> Here's what I have in the script at the present time:
>
> { uptime ; date ; who ; ps -al ; cat /var/log/adduser ; cat
> /var/log/authlog ; cat /var/log/messages ; cat /var/log/secure ; cat
> /var/log/router ; } > daily-log.txt
>
> Can some of you BSD pro's out there recommend some additions or changes
> or other things that should be checked to help ensure the system isn't
> compromised?
Have you looked at /etc/daily?
> Is there a way to see who has logged into the system over a given period
> for example? Who only tells me who's logged in when the command is run.
last
