LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
LinkBack Search this Thread
Old 06-13-2005, 05:38 AM   #1
t3gah
Member
 
Registered: Dec 2004
Distribution: SuSE, RedHat, ubuntu, Debian
Posts: 734

Rep: Reputation: 30
Arrow [Security Questions] Last Login, how good is this feature for security breach info?


Is there a way to have a secure last login log of who's been logging into the system and/or logging into email accounts?

With being owned so many times I want a sure fire way to track these people. So can the log be offloaded automatically to a secure slice in / or maybe /root ? If so, would the umask of 077 be enough or ?
 
Old 06-13-2005, 06:24 AM   #2
marghorp
Senior Member
 
Registered: Jan 2004
Location: Slovenia
Distribution: Slackware 10.1, SLAX to the MAX :)
Posts: 1,040

Rep: Reputation: 45
Depends on who owns you and how good are they at it. If they get root privileges, nothing is safe, not even in /root.

I said if they know what they are doing, they might trace your logging script and clear the logs. A good thing would be to log to a remote machine, this is rather more secure than logging to a machine that's been compromised.
 
Old 06-14-2005, 01:02 AM   #3
RandomLinuxNewb
Member
 
Registered: Oct 2003
Distribution: Slackware
Posts: 101

Rep: Reputation: 15
If your getting owned multiple times you really need to evaluate what your doing wrong. Are you running any unnecessary services, did you pick a good strong root password and user password? Did you keep up to date on security patches?
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Breach in Sendmail Security? bper Linux - Security 2 08-02-2005 05:40 PM
Network Security Breach nbjayme Linux - Security 0 03-17-2004 06:49 PM
security breach: send mail to unknown address? graffitici Linux - Security 4 01-29-2004 05:27 PM
HTTP access_log: security breach? lhoff Linux - Security 3 02-16-2002 11:10 AM
Security breach? lhoff Linux - Security 5 02-15-2002 01:33 AM


All times are GMT -5. The time now is 05:00 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration