hello,
I have an ssh service running so my friends can log in (I also know that having an open service on this port on the internet makes it possible for anyone to gain access), but how do I check to see when they have logged in because I might not be on the system when they are, so doing "who" would not work.
Is there some sort of logfile somewhere that keeps track of who logged in and what time?
In addition to that, I know it is possible (if they decided to mess with my computer, or if a hacker broke in) to edit or alter logfiles to hide the event of them gaining access to the system. What are some good ways to defend against this as well?
Sorry for so many questions, I'm not very knowledgeable about networking no matter despite how much I have read about it.
Thanks a lot,
otacon