Results 1 to 3 of 3

Thread: Security tip for OpenBSD (works with FreeBSD)

  1. #1
    Guest

    Security tip for OpenBSD (works with FreeBSD)

    You know all these log messages you get on the console? *It's possible to put them in a log file, in case your firewall does not have a monitor. *Here are the steps:

    1. Edit /etc/newsyslog.conf:
    Where all the log files are, append this line:
    Code:
    /var/log/console.log * * * * * * * * * *640 *5 * *250 ** * * Z
    2. Edit /etc/syslog.conf:
    change these 4 lines:
    Code:
    *.err;kern.debug;auth.notice;authpriv.none;mail.crit * */dev/console
    <snip>
    *.err * * * * * * * * * * * * * * * * * * * * * * * * * /dev/console
    *.notice;auth.debug * * * * * ** * * * * * * * * * * * /dev/console
    *.alert * * * * * * * * * * * * * * * ** * * * * * * * */dev/console
    to read:

    Code:
    *.err;kern.debug;auth.notice;authpriv.none;mail.crit * */var/log/console.log
    <snip>
    *.err * * * * * * * * * * * * * * * * * * * * * * * * * /var/log/console.log
    *.notice;auth.debug * * * * * * * * * * * * * * * * * * /var/log/console.log
    *.alert * * * * * * * * * * * * * * * * * * * * * * * * /var/log/console.log

    3. Create the /var/log/console.log and set the proper permissions
    # touch /var/log/console.log
    # chmod 640 /var/log/console.log


    4. Restart syslog:
    # kill -HUP <syslog PID>


    This way, you can see logins, failed logins, ssh attempts, etc. in a log file which you can tail -f. *Very useful. *The more you know about what's going on, the better and this technique makes it easy to know a lot!

  2. #2

    Re: Security tip for OpenBSD (works with FreeBSD)

    Nice tip. If I ever set up a box strictly as a gateway or special server, that would be nice to know. I'll probably forget by then but that's my problem.

  3. #3
    Guest

    Re: Security tip for OpenBSD (works with FreeBSD)

    Well, if your box is connected directly to the net and that you do not check /dev/console often, it's a good thing anyway. You just use root-tail to have the output on your root window.

Similar Threads

  1. Replies: 18
    Last Post: 08-07-2002, 12:43 PM
  2. FreeBSD or OpenBSD
    By CP in forum BSD
    Replies: 28
    Last Post: 06-15-2002, 01:21 AM
  3. Does anyone know how activeX works?
    By tolstoy in forum Linux - Software, Applications & Programming
    Replies: 4
    Last Post: 05-16-2002, 01:57 AM
  4. gdm works, kdm don't
    By cloverm in forum Linux - Software, Applications & Programming
    Replies: 5
    Last Post: 01-26-2002, 12:35 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •