 | | | SYSLOG and security ? on RH9 | SYSLOG and security ? on RH9 2005-06-06 - By Mike Vanecek
Back
On Sun, 5 Jun 2005 20:41:54 -0400, Angelo wrote
> Naturally by these questions, I'm not as an Seasoned Veteran of Linux
> as I am with Winblow$ machines so I'm stumbling a little but I have 5
> questions: Syslogs and security;
>
> 1. Where are the SYSTEM logs stored?
/var/log
> 2. I saw this in my logs today "Jun 5 04:02:29 MYSERVERNAME syslogd
> 1.4.1: restart." - I didn't restart my computer and if I'm correct,
> does this mean my system was started?
No, syslogd was.
> 3. I know what it is on a WinBlow$ machine but I'm not sure on Linux,
> if a new account is on the system, where is that security event
> shown/tracked?
> 4. My Security logs only showed two entries :Jun 5 17:23:14
> MYSERVERNAME xinetd[3358]: START: sgi_fam pid=13765 from=<no address>
> Jun 5 20:19:32 MYSERVERNAME xinetd[3358]: START: sgi_fam pid=14119
> from=<no address>", this can't be possible - it appears to have been
> cleared? Is that possible?
>
> 5. How can I prevent my logs from being cleared and/or track when
> they have been?
For a start
man syslogd
man syslog.conf
man logrotate
less /etc/xinetd.d/sgi_fam
man xinetd
man useradd
man crond
man crontab
man chown
man chmod
--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@(protected)?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
Earn $52 per hosting referral at Lunarpages.
|
|
|