Monday, August 6, 2007

ssh log parsing and monitoring

SSH is a remote login protocol used to log in to a remote host in order to execute commands on and manage remote machines. It is one of the most widely used and best-known Linux programs, and it comes for free.

In a default ssh installation, the ssh server listens on port 22 unless the user changes this by editing the /etc/ssh/ssh*config files. It also uses /var/log/secure as its default log file. This log file contains many important authentication details and system messages.

Beyond RPM packages like denyhosts and logwatch, which scan and parse your server's ssh log files, I have compiled the quick and dirty examples below to parse the /var/log/secure ssh log file and obtain more specific results.

All commands shown here are run from a CLI terminal.

From /var/log/secure...
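As an added example (not the original post's commands), the shell script below parses sshd entries in the /var/log/secure format: it counts failed password attempts per source address, lists successful logins, and flags addresses that reach a failure threshold. The log lines are a constructed sample, and the function name `read_log` is an assumption; on a real host it would read the file itself.

```sh
#!/bin/sh
# Added example: parse sshd lines in /var/log/secure format.
# The lines below are a constructed sample, not a real host's log;
# to run against a real file use: read_log() { cat /var/log/secure; }
read_log() {
    cat <<'EOF'
Aug  6 10:15:01 host sshd[12345]: Failed password for invalid user admin from 203.0.113.5 port 51234 ssh2
Aug  6 10:15:03 host sshd[12345]: Failed password for root from 203.0.113.5 port 51236 ssh2
Aug  6 10:16:10 host sshd[12350]: Accepted password for alice from 198.51.100.7 port 40022 ssh2
Aug  6 10:16:12 host sshd[12350]: pam_unix(sshd:session): session opened for user alice by (uid=0)
Aug  6 10:17:00 host sshd[12360]: Failed password for invalid user oracle from 203.0.113.5 port 51240 ssh2
Aug  6 10:18:30 host sshd[12370]: Accepted publickey for bob from 198.51.100.9 port 40100 ssh2
Aug  6 10:19:00 host sshd[12380]: Failed password for bob from 198.51.100.9 port 40101 ssh2
EOF
}

# Print "count ip" per source address of failed password attempts, busiest
# first. The address is found by locating the "from" keyword, because its
# field position differs between "for root from" and "for invalid user X from".
failed_by_ip() {
    read_log \
    | awk '/sshd\[[0-9]+\]: Failed password for/ {
              for (i = 1; i <= NF; i++) if ($i == "from") print $(i + 1)
           }' \
    | sort | uniq -c | sort -rn \
    | awk '{ print $1, $2 }'
}

# Print "user ip method" for every successful login (password or publickey).
accepted_logins() {
    read_log \
    | awk '/sshd\[[0-9]+\]: Accepted (password|publickey) for/ {
              for (i = 1; i <= NF; i++) {
                  if ($i == "for")  user = $(i + 1)
                  if ($i == "from") ip = $(i + 1)
              }
              print user, ip, $7
           }'
}

# Print source addresses whose failed attempts reach the threshold
# (default 5); this is the list a tool like denyhosts would act on.
flag_bruteforce() {
    failed_by_ip | awk -v t="${1:-5}" '$1 >= t { print $2 }'
}

failed_by_ip
accepted_logins
flag_bruteforce 3
```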
