[olug] Unix Tip: KEEPING AN EYE ON YOUR SYSTEM
Unix Guru Universe
listserv at ugu.com
Mon Dec 23 19:00:06 UTC 2002
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
UNIX GURU UNIVERSE
UNIX HOT TIP
Unix Tip 2183 - December 23, 2002
http://www.ugu.com/sui/ugu/show?tip.today
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
KEEPING AN EYE ON YOUR SYSTEM
Here is a little script sent
to use. While it doesn't
cover everything to watch
for on a system, it covers
some of the basics.
Use the following simple script
to check for security problems
on your system. Run it with
cron once a day and have it
mailed to you. (You will need
to modify it for your flavor
of Unix)
------------- CUT HERE ---------
echo LIST PASSWD AND SHADOW FILES TO CHECK FOR LAST DATE ACCESSED
echo
cd /etc; ls -l *passwd* *shadow*
echo
echo CHECK FOR USERS AND GROUPS THAT ARE EQUAL WITH ROOT
echo
grep ':00*:' /etc/passwd
echo
echo CHECK FOR USERS WITH SHELL ACCESS
echo
grep bash /etc/passwd
echo
echo LIST SU ACTIVITY
echo
cat /usr/adm/sulog
echo
echo CHECK FOR INVALID PASSWORDS
echo
grep invalid /usr/adm/syslog
echo
echo LIST THE LAST 20 LOGINS
echo
last |head -20
echo
echo CHECK THE HARD DRIVE SPACE
df
--------------------------------------------------------------------------
To Subscribe: http://www.ugu.com/sui/ugu/show?tip.subscribe
To Unsubscribe: http://www.ugu.com/sui/ugu/show?tip.unsubscribe
To Submit A Tip: http://www.ugu.com/sui/ugu/show?tip.today
==========================================================================
DISCLAIMER: All UNIX HOT TIPS ARE OWNED BY THE UNIX GURU UNIVERSE AND ARE
NOT TO BE SOLD, PRINTED OR USED WITHOUT THE WRITTEN CONSENT OF THE UNIX
GURU UNIVERSE. ALL TIPS ARE "USE AT YOUR OWN RISK". UGU ADVISES THAT
ALL TIPS BE TESTED IN A NON-PRODUCTION DEVELOPMENT ENVIRONMENT FIRST.
Unix Guru Universe - www.ugu.com - tips at ugu.com - Copyright 1994-2001
==========================================================================
More information about the OLUG
mailing list