Share your knowledge at the LQ Wiki.
Go Back > Forums > Linux Forums > Linux - Security
User Name
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.


  Search this Thread
Old 06-13-2005, 06:38 AM   #1
Registered: Dec 2004
Distribution: SuSE, RedHat, ubuntu, Debian
Posts: 734

Rep: Reputation: 30
Arrow [Security Questions] Last Login, how good is this feature for security breach info?

Is there a way to have a secure last login log of who's been logging into the system and/or logging into email accounts?

With being owned so many times I want a sure fire way to track these people. So can the log be offloaded automatically to a secure slice in / or maybe /root ? If so, would the umask of 077 be enough or ?
Old 06-13-2005, 07:24 AM   #2
Senior Member
Registered: Jan 2004
Location: Slovenia
Distribution: Slackware 10.1, SLAX to the MAX :)
Posts: 1,040

Rep: Reputation: 45
Depends on who owns you and how good are they at it. If they get root privileges, nothing is safe, not even in /root.

I said if they know what they are doing, they might trace your logging script and clear the logs. A good thing would be to log to a remote machine, this is rather more secure than logging to a machine that's been compromised.
Old 06-14-2005, 02:02 AM   #3
Registered: Oct 2003
Distribution: Slackware
Posts: 101

Rep: Reputation: 15
If your getting owned multiple times you really need to evaluate what your doing wrong. Are you running any unnecessary services, did you pick a good strong root password and user password? Did you keep up to date on security patches?


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Breach in Sendmail Security? bper Linux - Security 2 08-02-2005 06:40 PM
Network Security Breach nbjayme Linux - Security 0 03-17-2004 07:49 PM
security breach: send mail to unknown address? graffitici Linux - Security 4 01-29-2004 06:27 PM
HTTP access_log: security breach? lhoff Linux - Security 3 02-16-2002 12:10 PM
Security breach? lhoff Linux - Security 5 02-15-2002 02:33 AM > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 07:55 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration