Scanner nmap (FC5 is not installed by default), rpm package in the first five plate
# nmap 192.168.0.22 default TCP port scan
# nmap-sU-sR-sS 192.168.0.22
-sU UDP scan
-sR RPC scan
-sS TCP SYN scan
Can scan a single host or IP segment 192.168.0.0/24
# grep syslog / etc / services file contains the search string syslog line, the search string in the document.
Tcpdump sniffer
# tcpdump-i eth0-X dst 192.168.0.22
specify-i eth0 interface monitor
-X in order to show the header information in hexadecimal
dst specify the target host address or port
# tcpdump-I eth0-X dst 192.168.0.22 and dst port 21
Monitor target packet to 192.168.0.22 port 21 and the data
Log syslog server
Configuration file / etc / syslog.conf
The right side of the left side of the specified message type specified location information records
*. info; mail.none; authpriv.none; cron.none / var / log / messages
Any program, as long as it is more than info level recorded in the / var / log / messages, but does not record mail, authpriv, cron news
mail .* / var / log / maillog
E-mail messages are all recorded in / var / log / maillog file
Any change in the configuration file required to start services from the new
# service syslog restart
# vi / etc / syslog.conf
*.* @ 192.168.0.22
All procedures 192.168.0.22 all messages sent to the host, but at the same time allow remote 192.168.0.22 to open source
# vi / etc / sysconfig / syslog to amend
SYSLOGD_OPTIONS = "-m 0-r-x"
# service syslog restart
Log default service port 514/udp
# netstat-unl | grep: 514 show the log service is running
-u UDP protocol
-t TCP protocol
-n with values that the host address, port number
-l Display only monitor the process of being
-p show the process name and PID
Log system
1. Edit / etc / syslog.conf
2. Restart Log Server
# service syslog restart
3. To check the log / var / log / *
Safety information on the / var / log / secure in
E-mail messages on / var / log / maillog
Plan task information / var / log / cron
Most of the information on the / var / log / messages
# tail-f messages of the changes in information monitoring system
Recommended Log analysis software SWATCH
skip to main |
skip to sidebar
搜索此博客
Blog Archive
-
▼
2009
(40)
-
▼
八月
(40)
- linux hacking tools introduced Trinoo Analysis of ...
- Snort intrusion prevention Linux installation and ...
- Windows-based Intrusion Detection System snort ins...
- unix linux Rsync + SSH Server automated backup enc...
- CentOS mail server with antivirus functionality SPAM
- CentOS Notes mail server set up to achieve the ba...
- CentOS4.4 Notes mail server set up on the mail gat...
- CentOS4.4 mail server set up under the windows AD ...
- RHEL5 install Postfix mail system
- Awstats log analysis software for the installation...
- Apache web site using LDAP authentication integration
- Redhat linux APACHE enterprise security configuration
- Precise analysis of web use on PHPMyVisites
- Web log analysis by webalizer
- unix linux Chroot server security mechanism
- linux unix Nslookup command explain
- Enterprise linux dig command uses the Guinness
- Detailed security linux dns services
- Enterprise Linux notes of engineers to study 16: ...
- Enterprise Linux notes the practice of engineers t...
- Linux Engineer Study Notes 14: Network Security
- Linux Engineer Study Notes 13: common system secur...
- Enterprise Linux Engineer Study Notes Practice 12:...
- Linux Engineer Study Notes Practice 11: PAM Authen...
- Linux Engineer Study Notes Practice 10: FTP Server
- Linux Engineer Study Notes 9: Raid and comprehensi...
- Linux engineers to learn of the eight notes: Lvm ...
- Linux engineers to learn of the seven notes:redhat...
- Linux engineers to learn of six notes: redhat linu...
- Linux engineers to learn the practice of five note...
- Linux engineers to learn the practice of four note...
- Linux engineers to learn the practice of three not...
- Linux Engineer Study Notes Practice 2: System mana...
- vsftpd + pam_mysql + mysql do ftp server
- ProFTPD supports the MySQL database to add a virtu...
- Beginners Guide vsFTPd server
- Part of the master VSFTPD
- Samba file server user permissions model complex d...
- Samba file server user permissions model complex d...
- rsync server set up methods
-
▼
八月
(40)
关注者
Labels
- Apache web site using LDAP authentication integration fedora linux linux os IBM 1350 Linux cluster system RHEL 4 SLES 9 zSeries red hat linux (1)
- CentOS mail server linux antivirus linux network domain rhce rh302 (1)
- CentOS mail server mail gateway linux hosting linux live cd network domain (1)
- CentOS4.4 mail server windows AD integration linux drivers linux guide mint linux postmail mail server (1)
- Enterprise linux dig command how to list linux mount points how to uninstall mandriva linux linux drivers linux guide mint linux (1)
- Enterprise Linux dns server linux bind domain installing software on linux linux screen linux course hardening linux linux system (1)
- enterprise Linux engineer fedora linux firewall linux linux secure pam pamd server domain virtual users (1)
- enterprise Linux engineer fedora linux firewall linux system security analysis tools (1)
- enterprise Linux engineer fedora linux linux applications review linux how to linux learn Logical Volume Manager (1)
- enterprise Linux engineer learn support samba download version configure date find (1)
- enterprise Linux engineer learn support version configure disk quotas (1)
- enterprise linux ftp vsftp proftp server domain freebsd linux linux buy linux man (1)
- how to linux linux introduction information linux download linux linux forum linux info linux help (1)
- linux antivirus linux kernel linux red hat Awstats log analysis software for the installation (1)
- Linux Engineer Study redhat debian suse domain network (1)
- Linux engineers server learn File system maintenance domain (1)
- linux hacking tools introduced Trinoo Analysis of DDoS attack tools (1)
- Linux install file gui suse server engineers disk file system (1)
- linux redhat rhce suse domain server proftp mysql database quota (1)
- linux redhat rhce suse domain server proftp mysql database quota vsftp (1)
- linux redhat rhce suse rsync server (1)
- linux redhat rhce suse samba server debian (2)
- linux redhat rhce suse vsftp domain server debian (1)
- linux server linux install suse linux linux redhat unix linux linux gui hardening linux linux system domain server (1)
- linux server rhce vsftp redhat suse network server (1)
- linux softwares linux application linux enable linux reviews mobile linux linux setup Network Security (1)
- linux telnet linux command linux date linux find linux time linux vsftpd (1)
- linux unix DNS server find troubleshooting basic linux commands download linux boot disk linux wallpapers linux recovery (1)
- linux unix CentOS Notes mail server (1)
- PHPMyVisites linux ubuntu arch linux linux tutorials webstar linux driver search linux pc laptop u software linux (1)
- Redhat linux APACHE enterprise security configuration fedora linux linux os red hat linux linux distributions (1)
- redhat suse linux configure systems Dynamic disk security (1)
- RHEL5 install Postfix mail system linux distros linux programs suse linux linux netbook (1)
- security linux dns services cisco tunnel cisco networking cisco router 1800 (1)
- Snort intrusion prevention Linux installation and configuration (1)
- unix linux Chroot server security linux red hat linux smooth wall router (1)
- unix linux Rsync SSH Server automated backup encryption (1)
- Web log analysis by webalizer basic linux commands download linux boot disk linux wallpapers linux recovery (1)
- Windows based Intrusion Detection System snort installation (1)
51.la
Copyright © 2009 Linux Study Blog - Design by Dante Araujo - Powered by Blogger
0 评论:
发表评论