ShareWiz Ultra Secure Server Setup

Log Security

log

General Logging Security

Check Login Attempts

Issue the following command:

sudo last

The last command, by default, relies upon the /var/log/wtmp file existing.

If this file does not exist, then create it using the command:

sudo touch /var/log/wtmp

and then set the permissions by issuing the command:

sudo chmod 664 /var/log/wtmp

top

Check Bad Login Attempts

Issue the following command:

sudo lastb

The lastb command, by default, relies upon the /var/log/btmp file existing.

If this file does not exist, then create it using the command:

sudo touch /var/log/btmp

and then set the permissions by issuing the command:

sudo chmod 660 /var/log/btmp

top

LogWatch Security

Install LogWatch

Issue the following command:

sudo aptitude install logwatch

and select option "Internet"

logwatch allows the monitoring of logs.

It is a log analyser written in Perl with nice output.

top

Configure LogWatch

Issue the following command:

sudo vi /etc/logwatch/conf/logwatch.conf

sudo vi /usr/share/logwatch/default.conf/logwatch.conf

and change the following as shown:

Output = mail

Format = html

MailTo = admin@sharewiz.net

To customize logwatch go to /usr/share/doc/logwatch-*/ directory and read the file HOWTO-Customize-LogWatch.

top

Continue to the DNS Security...