[SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [U] [V] [W] [X] last command 2nd lastb command lastcomm utility bugs in latest version lastdb command lastlog command databases from several systems, merging multiple systems, monitoring problems with ldd command libnet (toolkit for network packet manipulation) libnids (for TCP stream reassembly) libpcap (packet capture library) 2nd binary files Snort logging directory, creating in logging Snort data to libpcap-format files network trace files, ngrep Snort, use by libwrap, using with xinetd Linux /proc filesystem differing locations for binaries and configuration files in distributions encryption software included with operating system vulnerabilities Red Hat [See Red Hat Linux] supported distributions for security recipes SuSE [See SuSE Linux] ListenAddress statements, adding to sshd_config listfile module (PAM) ACL file entries local acces, permitting while blocking remote access local facilities (system messages) local filesystems, searching local key (Tripwire) creating with twinstall.sh script fingerprints, creating in secure integrity checks read-only integrity checking local mail (acceptance by SMTP server) local password authentication, using Kerberos with PAM localhost problems with Kerberos on SSH SSH port forwarding, use in unsecured mail sessions from logfile group configuration file (logwatch) logger program writing system log entries via shell scripts and syslog API logging access to services combining log files firewalls, configuring for nmap -o options, formats of PAM modules, error messages rotating log files service access via xinetd shutdowns, reboots, and runlevel changes in /var/log/wtmp Snort 2nd to binary files partitioning into separate files permissions for directory stunnel messages sudo command remotely system [See system logger] testing with nmap stealth operations loghost changing remote logging of system messages login shells, root logins adding another Kerberos principal to your ~/.k5login file Kerberos, using with PAM monitoring suspicious activity printing information about for each user recent logins to system accounts, checking testing passwords for strength CrackLib, using John the Ripper, using logouts, history of all on system logrotate program 2nd 3rd logwatch filter, defining integrating services into listing all sudo invocation attempts scanning log files for messages of interest scanning Snort logs and sending out alerts scanning system log files for problem reports lsh (SSH implementation) lsof command +M option, (for processes using RPC services) -c option (command name for processes) -i option (for network connections) -p option (selecting processes by ID) -u option (username for processes) /proc files, reading IP addresses, conversion to hostnames network connections for processes, listing |