Network Troubleshooting
Using log messages
We should inspect our log files from time to time so that we get advance notice of hardware failures and learn of suspicious activity on the network. Login records are stored in the /var/log/wtmp file. Because this file is in binary format, we have to use the utmpdump utility to read it. The command is as follows:
# utmpdump /var/log/wtmp
Its output is shown hereunder:
The last column shows the IP address of the person logging in. If the address does not belong to an authorized system, we should be concerned and take remedial action immediately. In such cases we can configure iptables (the firewall) to block that particular IP address or the network concerned.
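The check described above can be automated. The following is an added example, not part of the original post: it reads the text that utmpdump prints and reports logins whose source address is outside an allow-list. The network ranges, the function names and the sample records are assumptions constructed for illustration.

```python
import ipaddress
import re

# Assumption: the site's authorized login sources (hypothetical ranges).
AUTHORIZED_NETWORKS = [ipaddress.ip_network("192.168.1.0/24"),
                       ipaddress.ip_network("10.0.5.10/32")]
USER_PROCESS = "7"  # ut_type of a user login record, see utmp(5)
FIELD = re.compile(r"\[(.*?)\]")

# Constructed sample of `utmpdump /var/log/wtmp` output, not from a real host.
SAMPLE = """\
[2] [00000] [~~  ] [reboot  ] [~           ] [5.15.0-generic      ] [0.0.0.0        ] [2024-03-01T08:00:01,000000+00:00]
[7] [01234] [ts/0] [alice   ] [pts/0       ] [192.168.1.20        ] [192.168.1.20   ] [2024-03-01T09:15:02,000000+00:00]
[7] [01300] [tty1] [root    ] [tty1        ] [                    ] [0.0.0.0        ] [2024-03-01T09:20:44,000000+00:00]
[7] [01377] [ts/1] [bob     ] [pts/1       ] [203.0.113.45        ] [203.0.113.45   ] [2024-03-01T23:41:10,000000+00:00]
[8] [01234] [    ] [        ] [pts/0       ] [                    ] [0.0.0.0        ] [2024-03-01T10:02:31,000000+00:00]
"""

def parse_logins(dump_text):
    """Yield (user, line, address, time) for each user-login record."""
    for raw in dump_text.splitlines():
        fields = [f.strip() for f in FIELD.findall(raw)]
        if len(fields) != 8 or fields[0] != USER_PROCESS:
            continue  # skip boot, logout and malformed lines
        # fields: type, pid, id, user, line, host, address, time
        yield fields[3], fields[4], fields[6], fields[7]

def unauthorized_logins(dump_text, allowed=AUTHORIZED_NETWORKS):
    """Return (user, address, time) for logins from outside the allow-list."""
    flagged = []
    for user, _line, addr, when in parse_logins(dump_text):
        try:
            ip = ipaddress.ip_address(addr)
        except ValueError:
            flagged.append((user, addr, when))  # unparseable address: review it
            continue
        if ip.is_unspecified:  # 0.0.0.0 is recorded for local console logins
            continue
        if not any(ip in net for net in allowed):
            flagged.append((user, str(ip), when))
    return flagged

if __name__ == "__main__":
    import sys
    text = SAMPLE if sys.stdin.isatty() else sys.stdin.read()
    for user, ip, when in unauthorized_logins(text):
        print(f"unauthorized login source: {user} from {ip} at {when}")
```

Piping the output of utmpdump /var/log/wtmp into the script checks the real login records; run without piped input, it checks the constructed sample.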