Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: system log files and core files?
Top Forums UNIX for Dummies Questions & Answers system log files and core files? Post 47181 by Optimus_P on Wednesday 4th of February 2004 12:28:24 PM
Old 02-04-2004
Quote:
Originally posted by Westy564

I find myself in this position, my /var/adm/messages file says that "sshd: fatal: local: This server does not support your new ssh version." I know ssh stands for secure shell, I know my sshd daemon is running, it's suppose to be more secure than telnet, because telnet uses clear text. I know I'm running an early version of ssh that should be updated. I look on Cert's site and see that even the latest version of ssh still has holes in it that can be exploited. I know that hackers scan forums such as this one, for messages from people like me, so they can find potential victims. My boss wants to know have we been hacked, who's trying to use this version of ssh. Isn't there a log file you can search that will tell you when someone has logged into the system. My thoughts, gee, if they're smart enough to hack into the system, hack the root password, then they're smart enough to cover up their tracks. Maybe some training is in order here, if you want the answer to that question. Maybe we should be installing Tripwire or something like it to help monitor the system. Opps out of the question, the budget don't have dollars for training or Tripwire. Your so right when you say on some days it's not even worth showing up.
now you have posted a question that hasnt been answered.

you should look @ satan, cops, or possably tripwire.
there are an abundant amount of utilities on the market that can monitor a server for various styles of attacks.

its hard to determine if you have been hacked if you dont have anything in place to watch for abnormalities.

as far as being sarcastic. no. im just blunt and to the point.
 

9 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

What are core files and how can I delete them when am performing system maintenance??

Help me How can I go about doing this. also, if you have any idea of other files I can delete and what I can do to improve the performance of a system thats running too slow (6 Replies)
Discussion started by: IMPORTANT
6 Replies

2. UNIX for Advanced & Expert Users

What can be done with core files???

please help me, what can i do with the bountiful amount of core files our systems seem to have on occassional basis?? how do I analyze it and determine why the core file was dumped by the application that dumped it. the operating systems we use are solaris, DG-UX and linux red hat systems. (5 Replies)
Discussion started by: TRUEST
5 Replies

3. UNIX for Advanced & Expert Users

Analyzing System Core Files?

can some tell me how to do this. I mean, i tried finding this out on my own but when I checked the man pages, i got a truckload of commands available pertaining to this task which in turn got me confused. so my question is, if there is a simple straight forward(not necessarily easy) way to... (2 Replies)
Discussion started by: TRUEST
2 Replies

4. AIX

where i can find Log files of system

Hello world please, i would like to know where i can find all of : 1 Every connexion whith FTP 2 Every connexion whith telnet 3 Every connexion whith RCP 4 Every event when crash will arrive thanks in advance (1 Reply)
Discussion started by: mktahar
1 Replies

5. Solaris

System Log Files ?!

Hi , OS: Solaris 9 Where can I find the most important Log files in my system ?! I need to monitor the errors and also for auditing .. Regards Adel (1 Reply)
Discussion started by: ArabOracle.com
1 Replies

6. UNIX for Dummies Questions & Answers

hp ux core files

what are core files?? Can I safely delete them??? Please, help (2 Replies)
Discussion started by: ldaliosmane
2 Replies

7. UNIX for Dummies Questions & Answers

How to know where the core files come from?

Hi, I am trying to use "find / -name core -print | xargs rm -f " ,but it would delete all core files including some core files we do not want to delete. I search privious posts,someone said "To check what a core file came from - use the file command" I used man page to search file command,but... (9 Replies)
Discussion started by: lemon_06
9 Replies

8. Shell Programming and Scripting

AIX system.... deleting files in remote directory after retrieving files

Hi Friends, I am new to this , I am working on AIX system and my scenario is to retrive the files from remote system and remove the files from the remote system after retreving files. I can able to retrieve the files but Can't remove files in remote system. Please check my code and help me out... (3 Replies)
Discussion started by: vinayparakala
3 Replies

9. UNIX for Beginners Questions & Answers

Find all .sh files in file system and need to replace the string inside .sh files

Hi All, I need to write a script to find all "*.sh" files in /home file system and if any string find "*.sh" files with the name vijay@gmail.com need to replace with vijay.bhaskar@gmail.com. I just understood about the find the command to search .sh files. Please help me on this. find / -name... (3 Replies)
Discussion started by: bhas85
3 Replies

LEARN ABOUT REDHAT

ssh-keysign

SSH-KEYSIGN(8)						    BSD System Manager's Manual 					    SSH-KEYSIGN(8)

NAME

     ssh-keysign -- ssh helper program for hostbased authentication

SYNOPSIS

     ssh-keysign

DESCRIPTION

     ssh-keysign is used by ssh(1) to access the local host keys and generate the digital signature required during hostbased authentication with
     SSH protocol version 2.

     ssh-keysign is disabled by default and can only be enabled in the the global client configuration file /etc/ssh/ssh_config by setting
     HostbasedAuthentication to ``yes''.

     ssh-keysign is not intended to be invoked by the user, but from ssh(1).  See ssh(1) and sshd(8) for more information about hostbased authen-
     tication.

FILES

     /etc/ssh/ssh_config
	     Controls whether ssh-keysign is enabled.

     /etc/ssh/ssh_host_dsa_key, /etc/ssh/ssh_host_rsa_key
	     These files contain the private parts of the host keys used to generate the digital signature.  They should be owned by root, read-
	     able only by root, and not accessible to others.  Since they are readable only by root, ssh-keysign must be set-uid root if hostbased
	     authentication is used.

SEE ALSO

     ssh(1), ssh-keygen(1), ssh_config(5), sshd(8)

AUTHORS

     Markus Friedl <markus@openbsd.org>

HISTORY

     ssh-keysign first appeared in OpenBSD 3.2.

BSD
								   May 24, 2002 							       BSD
All times are GMT -4. The time now is 12:47 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy