www.bonsaiframework.com
Page tree

Versions Compared

Old Version 13

changes.mady.by.user Tin Pham

Saved on

compared with

New Version Current

changes.mady.by.user Tin Pham

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Warning

This article is just starting. Probably will need Dickson's help on this topic.

Some topics,

Email Login Events

  • Alert me when a sudo capable account logs in.
  • Alert me when serveradmin logs in.
  • Alert me when accounts fail sudo attempts.

Integrity Check

File Permissions - World Writable

Email Login Events

On servers that are managed by only a few administrators it is often useful to know if someone has logged in.

...

Warning

This script can be improved,

  • add descriptive info to the header
  • use a code for level
  • have option to alert only for sudo enabled account
  • have option to alert only for specific group(s)

First ensure your system is setup to send emails.

Here is the start of the contents of the login notification script,

...

Code Block
languagebash
linenumberstrue
... more stuff up here ...
umask 022

echo "User $LOGNAME logged ininto $HOSTNAME on $(date)" | mail -aFrom:sentry@bonsaiframework.com -s "Sentry Alert Login $LOGNAME@$HOSTNAME" bhitch@imagecomics.com

Now every login will result in an alert.

...