Suppose your LINUX box is being targeted by a clumsy adversary that does not hide tracks very well. How do you detect it?
Put the following command in your login shell script, e.g /root/.bash_profile if your'e into Bash. It will report the root shell access to your email.
echo 'ALERT - Root Shell Access on:' `date` `who` | \
mail -s "Alert: Root Access from `who | awk '{print $6}'`" YOUR_EMAIL_HERE
This blog is all about issues related to the business of the company 
0 kommentarer:
Post a Comment