—-Server e-mail every time someone logs in as root
To have the server e-mail you everytime someone logs in as root, SSH into server and login as root.
At command prompt type: pico .bash_profile
Scroll down to the end of the file and add the following line:
echo ‘ALERT – Root Shell Access on:’ `date` `who` | mail -s “Alert: Root Access from `who | awk ‘{print $6}’`” support@dwhs.net
Save and exit.
—-
Modify LogWatch
Logwatch is a customizable log analysis system. It parses through your system’s logs for a given period of time and creates a report analyzing areas that you specify, in as much detail as you require. Logwatch is already installed on most CPanel servers.
To modify LogWatch, SSH into server and login as root.
At command prompt type: pico -w /etc/log.d/conf/logwatch.conf
Scroll down to
MailTo = root
and change to
Mailto = support@dwhs.net
Note: Set the e-mail address to an offsite account incase you get hacked.
Now scroll down to
Detail = Low
Change that to Medium, or High…
Detail = 5 or Detail = 10
Note: High will give you more detailed logs with all actions.
Save and exit.
No comments:
Post a Comment