Successful SSH Attack - Need help cleaning up
tensai at zmonkey.org
Tue Oct 31 14:33:13 MST 2006
On Tue, 2006-10-31 at 14:26 -0700, Daniel wrote:
> /var/log/secure will contain logs for the ssh server.
/var/log/secure will contain whatever your syslog server is told to send
there. For a Redhat system, you are correct. On Debian there is no such
file (instead it's auth.log). Check /etc/syslog.conf to see what your
system configurations are, unless you're using some other syslog daemon
in which case all bets are completely off.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://plug.org/pipermail/plug/attachments/20061031/be0241d1/attachment.bin
More information about the PLUG