Results 1 to 3 of 3

Thread: Files to monitor

  1. June 10th, 2013 #1
    toosweetnitemare
    toosweetnitemare is offline Just Give Me the Beans!
    Join Date
    Jul 2006
    Beans
    63

    Question Files to monitor

    All,
    I have been googling around for different guides on what files to monitor that people would edit for malicious intent. In my readings so far, i have found the common files people edit.
    so far i have found:
    1. /etc/hosts
    2. ufw config files
    3. /bin/login


    what other files do you guys monitor actively and why?

    Thanks in advance!
    -tsnm
    Advanced reply Adv Reply  
  2. June 11th, 2013 #2
    tgalati4's Avatar
    tgalati4
    tgalati4 is offline This space is currently for rent . .
    Join Date
    Feb 2007
    Location
    West Hills CA
    Beans
    10,044
    Distro
    Ubuntu 14.04 Trusty Tahr

    Re: Files to monitor

    /var/log/auth.log What admin activities are taking place on the system.
    -------------------------------------
    Oooh Shiny: PopularPages

    Unumquodque potest reparantur. Patientia sit virtus.
    Advanced reply Adv Reply  
  3. June 11th, 2013 #3
    toosweetnitemare
    toosweetnitemare is offline Just Give Me the Beans!
    Join Date
    Jul 2006
    Beans
    63

    Re: Files to monitor

    Quote Originally Posted by tgalati4 View Post
    /var/log/auth.log What admin activities are taking place on the system.
    would this be more for a file to watch what changes happen or one that no changes should happen to?

    Thanks!
    Advanced reply Adv Reply  
« Previous Thread | Next Thread »

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Ubuntu Forums Code of Conduct