user login - Linux Forums

Register|FAQ|Member List|Calendar|Unanswered Posts|Forum Rules|Today's Posts|Advanced Search |

Welcome to Linux Forums! With a comprehensive Linux Forum, information on various types of Linux software and many Linux Reviews articles, we have all the knowledge you need a click away, or accessible via our knowledgeable members.

Write an article for LinuxForums Today! Win Great Prizes!

New to Linux Forums? Register here for free!

		Linux Forums > GNU Linux Zone > Linux Security > user login

Linux Security Discussion about keeping your machines secure, and the crackers out.

Site Navigation
Linux Articles
Linux Forums
Linux Downloads
Linux Hosting
Free Magazines
Job Board
IRC Chat
RSS Feeds

Linux Forum Topics
Linux Forums
Linux Forums Site News
Your Distro
Redhat / Fedora Linux Help Ubuntu Help SuSE Linux Help Mandriva Linux Help Slackware Linux Help Debian Linux Help Gentoo Linux Help Knoppix Help Forum Other Distributions
Linux Resources
Linux Tutorials, HOWTO's & Reference Material
GNU Linux Zone
Wireless Internet Linux Newbie Installation Misc Linux Applications Servers Linux Networking Peripherals / Hardware Linux Desktop / X-Windows Linux Programming & Scripting Gaming / Games / Multimedia / Entertainment Linux Security The Linux Kernel Linux On Laptops / Netbooks / Minibooks Wine Art & Imaging in Linux
The Community
The Coffee Lounge Comments / Feedback / Suggestions Everything BSD

Reply

05-15-2009	#1 (permalink)
rishi_nandedkar Just Joined! Join Date: May 2009 Posts: 6	user login Hello, I am having 18 servers which 50 users are accessing,from some days we are facing issues such as somebody deleting few files from server.Is there any way that i can figure out who is login from which machine and what he is doing on server or is there any way by which i can know that somebody login on server and what exactly he is doing. I have disabled rm command from server so that only root can use this command can somebody help me since the data is very much critical Thank you rishi nandedkar

05-16-2009	#2 (permalink)
Hal343 Linux User Join Date: May 2009 Location: Kamloops, B.C., Canada Posts: 325	I have never run a server, but what about your log files? They should be under /var/log and should tell who is logged in on which machines & at what times. If it is sabotage of some kind, whoever it was probably covered their tracks by changing log files, but if it was stupidity you should be able to trace it. If it seems like it was from outside the network, I would have all logs copied(real time, as they are created) by a script to another machine behind another firewall with no remote access. This way if there are any changes done to logs, you will have the original and the changed version, and hopefully a record of who did it. __________________ Registered Linux User #420832

Reply

« Previous Thread | Next Thread »

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

Posting Rules
You may not post new threads You may not post replies You may not post attachments You may not edit your posts BB code is On Smilies are On [IMG] code is On HTML code is Off Trackbacks are Off Pingbacks are Off Refbacks are Off

Free Magazines

Run Your Own Web Server Using Linux & Apache - Free 191 Page Preview
Learn about everything you'll need to build and maintain your Linux servers, and to deploy Web applications to them.
subscribe

Open Source Security Myths Dispelled
Dispel the five major myths surrounding Open Source Security and gain the tools necessary to make a truly informed decision for your IT organization
subscribe

InformationWeek
InformationWeek is the only newsweekly you'll need to stay on top of the latest developments in information technology.
subscribe

All times are GMT. The time now is 01:03 PM.