02-04-2004
I agree with your points about lazy people and what the moderators have to put up with as being very valid. You're not paid and it requires a lot of patience. In addition the time you do put into the forum could be spent doing just about anything else.
A lot of us in the I.T. business today find ourselves thrust into positions where we have little background, we're offered no training, not enough time in the day to take care of the servers we're already responsible for, and yet you're expected to become the instant expert. We do search the forums, or google to find answers to problems we face. We are willing to read the documents or do the research. What we need for the most part is for someone who knows, to simply put our feet on the right path so we can walk down it. The man pages for example. And, at times we also need the quick fix. The boss is standing behind you and wants an answer and you don't have a clue as to where to start looking. So you post up in the forums and hope that someone has mercy and shares with you, either the answer, or at least the path. Anyway thanks for the tip on the core files, it's much appreciated.
I find myself in this position, my /var/adm/messages file says that "sshd: fatal: local: This server does not support your new ssh version." I know ssh stands for secure shell, I know my sshd daemon is running, it's supposed to be more secure than telnet, because telnet uses clear text. I know I'm running an early version of ssh that should be updated. I look on CERT's site and see that even the latest version of ssh still has holes in it that can be exploited. I know that hackers scan forums such as this one, for messages from people like me, so they can find potential victims. My boss wants to know have we been hacked, who's trying to use this version of ssh. Isn't there a log file you can search that will tell you when someone has logged into the system? My thoughts, gee, if they're smart enough to hack into the system, hack the root password, then they're smart enough to cover up their tracks. Maybe some training is in order here, if you want the answer to that question. Maybe we should be installing Tripwire or something like it to help monitor the system. Oops, out of the question, the budget doesn't have dollars for training or Tripwire. You're so right when you say on some days it's not even worth showing up.
newslog
NEWSLOG(5) File Formats Manual NEWSLOG(5)
NAME
newslog - description of Usenet log files
DESCRIPTION
Most log files created by Usenet programs reside in the <pathlog in inn.conf> directory and have a ``.log'' extension. Several versions
are usually kept with an additional extension such as ``.1'', ``.2'', etc. -- the higher the number, the older the log. The older versions
are compressed.
The scanlogs script and related utilities (see newslog(8)) are responsible for rotating and compressing these files.
Some log files always have data, others only have data if there is a problem, and others are only created if a particular program is used
or configuration parameter is set. The innstat script (see newslog(8)) monitors the size of all log files.
The following files will only accumulate data under the direction of control.ctl(5):
       control.log   miscctl.log   newgroup.log   rmgroup.log   unwanted.log
In order to create these files, the ``message'' and ``action'' fields of control.ctl should be chosen from the following table:
       Message      Action          Meaning
       all          log=miscctl     Log all messages by default
       default      log=miscctl     Log unknown messages
       newgroup     doit=newgroup   Create group and log message
       newgroup     log=newgroup    Log message
       rmgroup      doit=rmgroup    Remove group and log message
       rmgroup      log=rmgroup     Log message
       ``other''    doit=miscctl    Log and process the message
       ``other''    log=miscctl     Log message
Here, ``other'' refers to any other control message such as:
       checkgroups   ihave   sendme   sendsys   senduuname   version
The following is a list of log files.
control.log
This file maintains a count of the number of newgroup and rmgroup control messages seen for each newsgroup. The count is of the
number of control messages with identical arguments, regardless if they were actually processed. All control arguments, including
invalid ones, are counted. This file is updated by tally.control, which is invoked by scanlogs if either the newgroup or rmgroup
logs exist. This file is not rotated.
errlog
This file contains the standard output and standard error of any program spawned by innd(8). The most common programs are the
control-message handlers found in <pathcontrol in inn.conf>. This file should be empty. Scanlogs will print the entire contents of
this log file if it is non-empty.
expire.log
By default, when news.daily is going to expire old news articles, it writes the date to this file, followed by any output from
expire(8) and the ending date. All lines but the first are indented four spaces.
miscctl.log
When control.ctl is configured as described above, all control messages except newgroup and rmgroup are appended to this file by
writelog. There will be a summary line describing the message and the action taken, followed by the article indented by four
spaces, and a blank line.
newgroup.log
When control.ctl is configured as described above, all newgroup messages are appended to this file using the same format as for
miscctl.log.
news
This file logs articles received by innd. Scanlogs summarizes the rejected articles reported in this file.
news.crit
All critical error messages issued by innd are appended to this file via syslog(3). This log file should be empty. Scanlogs will
print the entire contents of this log file if it is non-empty. You should have the following line in your syslog.conf(5) file. (A
typical entry is shown; it should agree with <pathlog in inn.conf>)
news.crit <pathlog in inn.conf>/news.crit
news.err
All major error messages issued by innd are appended to this file via syslog(3). This log file should be empty. Scanlogs will
print the entire contents of this log file if it is non-empty. You should have the following line in your syslog.conf(5) file: (A
typical entry is shown; it should agree with <pathlog in inn.conf>)
news.err <pathlog in inn.conf>/news.err
news.notice
All standard error messages and status messages issued by innd are appended to this file via syslog(3). Scanlogs uses the perl(1)
script innreport(8) to summarize this file. You should have the following line in your syslog.conf(5) file: (A typical entry is
shown; it should agree with <pathlog in inn.conf>)
news.notice <pathlog in inn.conf>/news.notice
nntpsend.log
The nntpsend(8) program appends all status messages to this file.
rmgroup.log
When control.ctl is configured as described above, all rmgroup messages are appended to this file using the same format as for
miscctl.log.
unwanted.log
This log maintains a count of the number of articles that were rejected because they were posted to newsgroups that do not exist at
the local site. This file is updated by tally.unwanted and maintained in reverse numeric order (the most popular rejected group
first). This file is not rotated.
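The record layout described above for miscctl.log (and reused by newgroup.log and rmgroup.log) can be split back into individual control messages for auditing. The following is an added example, not part of this manual page or of INN: the function names and the sample text are constructed, the wording of the summary lines is an assumption, and only the layout (summary line, article indented four spaces, blank line) comes from the description above.

```python
from collections import Counter

# Constructed sample. Summary-line wording is an assumption; only the layout
# (summary, article indented by four spaces, blank line) is from newslog(5).
SAMPLE = (
    "constructed summary: checkgroups from admin@example.invalid, logged\n"
    "    From: admin@example.invalid\n"
    "    Control: checkgroups\n"
    "\n"                       # blank line inside the article, indent lost
    "    body line\n"
    "\n"                       # blank line that ends the record
    "constructed summary: sendsys from user@example.invalid, logged\n"
    "    From: user@example.invalid\n"
    "    Control: sendsys\n"
    "    \n"                   # blank line inside the article, indent kept
    "    body\n"               # no closing blank line (e.g. cut at rotation)
)

def parse_records(text):
    """Return [(summary, article_lines)] from writelog-style log text."""
    records, summary, article, pending = [], None, [], 0
    for line in text.splitlines():
        if line.startswith("    "):
            if summary is None:
                continue                    # indented text with no summary line
            article.extend([""] * pending)  # earlier blanks were inside the article
            pending = 0
            article.append(line[4:])
        elif not line.strip():
            pending += 1                    # record end or article blank; decide later
        else:
            if summary is not None:
                records.append((summary, article))
            summary, article, pending = line, [], 0
    if summary is not None:                 # flush a record with no closing blank
        records.append((summary, article))
    return records

def control_command(article):
    """First word of the article's Control: header, or None if absent."""
    for line in article:
        if not line:
            break                           # end of the header block
        name, _, value = line.partition(":")
        if name.lower() == "control" and value.split():
            return value.split()[0]
    return None

def tally(text):
    """Count logged control messages by command."""
    return Counter(control_command(a) or "unknown" for _, a in parse_records(text))
```
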
HISTORY
Written by Landon Curt Noll <chongo@toad.com> and Rich $alz <rsalz@uunet.uu.net> for InterNetNews. This is revision 1.6.6.1, dated
2000/08/17.
SEE ALSO
control.ctl(5), ctlinnd(8), expire(8), inn.conf(5), innd(8), news.daily(8), nntpsend(8), newslog(8).
NEWSLOG(5)