Results 1 to 3 of 3

Thread: Files to monitor

  1. #1
    Join Date
    Jul 2006
    Beans
    63

    Question Files to monitor

    All,
    I have been googling around for different guides on what files to monitor that people would edit for malicious intent. In my readings so far, i have found the common files people edit.
    so far i have found:
    1. /etc/hosts
    2. ufw config files
    3. /bin/login


    what other files do you guys monitor actively and why?

    Thanks in advance!
    -tsnm

  2. #2
    Join Date
    Feb 2007
    Location
    West Hills CA
    Beans
    7,829
    Distro
    Ubuntu 12.10 Quantal Quetzal

    Re: Files to monitor

    /var/log/auth.log What admin activities are taking place on the system.
    -------------------------------------
    Oooh Shiny: PopularPages

    Unumquodque potest reparantur. Patientia sit virtus.

  3. #3
    Join Date
    Jul 2006
    Beans
    63

    Re: Files to monitor

    Quote Originally Posted by tgalati4 View Post
    /var/log/auth.log What admin activities are taking place on the system.
    would this be more for a file to watch what changes happen or one that no changes should happen to?

    Thanks!

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •