[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Worried about having been hacked



Arthur Pemberton wrote:
On Mon, Jul 6, 2009 at 12:01 PM, James
Allsopp<jamesaallsopp googlemail com> wrote:
Hi,
I've a Fedora core 10 system which spends a lot of the time connected
directly to the internet, with a static ip. The only external ports open
are 80 and 22. SSH only allows access to one non-root user via an rsa
key. I'm using an IPtables script from

http://iptables-tutorial.frozentux.net/iptables-tutorial.html
However, I normally get my logs e-mailed to an external account and
they're not getting to me. I'm not sure if they've not been sent or my
logs are being altered and hidden. How do I diagnose this problem, and
in general look for security incursions. I'm thinking of leaving
wireshark running on the external ethernet card and see what happens.

Thanks, any advice much appreciated.
Jim


Have you checked your Spam folder on the receiving email account?
Email sent through the mail command tends to get rated very poorly by
spam filters.

You might check the /var/spool/clientmqueue directory to see if the
mail's been spooled but not sent out and look at the /var/log/maillog
file to verify the mail was indeed sent to the external account.
----------------------------------------------------------------------
- Rick Stevens, Systems Engineer                      ricks nerd com -
- AIM/Skype: therps2        ICQ: 22643734            Yahoo: origrps2 -
-                                                                    -
-     I was married by a judge.  I should have asked for a jury.     -
-                                                   -- Groucho Marx  -
----------------------------------------------------------------------



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]