El Viernes, 18 de Agosto de 2006 17:35, Bret Stern escribió: > What is this process/session from the log "secure" on Fedora 5? > > Aug 16 04:02:09 servant su: pam_unix(su:session): session opened for user > beagleindex by (uid=0) Don't worry about beagleindex. Think of it as like updatedb. I've read some sites where said that it "ransacks personal data" which frankly kind of creeped me out. I really don't know. I decided to delete its account on my system ;-) > > > What log is the best place to look for malicious > connections? > > B Stern By default, system log is /var/log/messages You should use /var/log/secure to find out which connections have been made to your system. Every service, like Apache, proftpd...have their own logs. Furthermore, if you have configured iptables to log some connections, look at it too. Hope that helps. -- Manuel Arostegui Ramirez. Electronic Mail is not secure, may not be read every day, and should not be used for urgent or sensitive issues. -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
