hack attempt on my server...What do you do about this?
Michael Sullivan
michael at espersunited.com
Sun Jul 18 01:31:06 UTC 2004
In regards to your comment about not reading root's mail yet, you can
open your /etc/aliases file. Near the bottom you'll see a line that
says who gets root's mail. Change the default 'marc' to your regular
user account and then run 'newaliases'....
On Sat, 2004-07-17 at 19:41, John Dangler wrote:
> Clifford~
> Thanks for the reply.
> rpm-qa|grep logwatch reveals:
> logwatch-5.1.3
>
> I haven't started looking at the 'root' mail yet, since I haven't figured a
> way to get the email client to read the root from the local system.
> I did find the man page on logwatch and am reading up on it.
>
> Thanks for the tip!
>
> John Dangler
> GenoFit
> 800-505-4078 (Corporate)
> 386-767-3730 (Direct)
> www.genofit.com
> jdangler at genofit.com
>
>
> -----Original Message-----
> From: fedora-list-bounces at redhat.com [mailto:fedora-list-bounces at redhat.com]
> On Behalf Of Clifford Snow
> Sent: Saturday, July 17, 2004 8:34 PM
> To: 'For users of Fedora Core releases'
> Subject: RE: hack attempt on my server...What do you do about this?
>
> On Sat, 2004-07-17 at 12:53, John Dangler wrote:
> > As a newbie to this myself, I'm curious to know where you found that
> > information (what logs).
> > Thanks for the information.
>
> Check to see if you have LogWatch (rpm -qa|grep logwatch) installed. By
> default LogWatch sends messages to root everyday. Its easy to review
> your logs every day by just reading an email. If you don't have
> logwatch installed, it is available via yum.
>
> The alternative is to look in /var/log - numerous log files are fond
> there. However, some can be so large that its easy to miss an import
> message.
>
> --
> Clifford Snow
>
>
More information about the users
mailing list