The Customize Windows

Technology Journal


By Abhishek Ghosh September 16, 2015 9:34 am Updated on September 16, 2015

Unix Commands to Check Server Logs For Security


This is a basic guide for beginners who self-manage cloud server instances. Master these Unix commands to check server logs for security. Having a server managed by only one person is quite dangerous. One of the reasons most advanced users' servers do not come under attack is precaution.

 

Introduction to Unix Commands to Check Server Logs For Security

 

Today it is quite normal for a new user to host a website on a cheaper cloud IaaS at a $5-$10/month charge. It is indeed far better than shared hosting. But you should at least be aware that you may be under attack! Installing WordPress is quite easy, but server administration is not. We recommend HP Cloud IaaS over Rackspace and Softlayer for HP Cloud's excellent virtual router, the ability to easily take a backup as a snapshot, and the ability to change the IP using the OpenStack floating IP system.

How you secure the server is an entirely different topic. This guide is for basic checking. Perhaps you installed WordPress by reading our guides or someone else's; that is great. But you need to learn more. Suddenly using a web-based graphical monitoring system may introduce more vulnerabilities due to your lack of knowledge!


---

You run these commands on a GNU/Linux server (we used Ubuntu) with an Nginx PHP5-FPM setup, as the root user. Do not assume that knowing these Unix commands to check server logs for security is enough.

 

Where to Check these Unix Commands to Check Server Logs

 

Usually, the location /var/log/ is constant. The file /etc/rsyslog.conf (do not edit it without knowing what you are doing) controls this location. On custom setups, we change this location. If a third party gets access to the logs, they will find the flaw faster!

You should have at least a minimal idea of sed, grep, awk, tail, cat, last, more, head and the Unix pipe. These are basic commands or utilities. Under /var/log/ alone, there are at least 30 files that are important to check. Needless to say, some locations and names correspond to our previous guides:

    /var/log/nginx/access.log
    /var/log/nginx/error.log
    /var/log/nginx/fpm.status.log
    /var/log/mysql/error.log
    /var/log/mysql/mysql.log
    /var/log/messages
    /var/log/dmesg
    /var/log/auth.log
    /var/log/boot.log
    /var/log/daemon.log
    /var/log/dpkg.log
    /var/log/kern.log
    /var/log/lastlog
    /var/log/maillog /var/log/mail.log
    /var/log/user.log
    /var/log/Xorg.x.log
    /var/log/alternatives.log
    /var/log/btmp
    /var/log/anaconda.log
    /var/log/cron
    /var/log/secure
    /var/log/wtmp or /var/log/utmp
    /var/log/faillog
    /var/log/mail/
    /var/log/prelink/
    /var/log/prelink/prelink.log
    /var/log/audit/
    /var/log/sssd/

To check these files, running cat is the basic approach:

    cat /var/log/nginx/access.log

But that is not a way to filter the errors. Our previous guide on the XMLRPC attack elaborates on complicated commands with real examples. It is mandatory reading, or else you will not understand what we want to do with:

    cat /var/log/nginx/access.log | grep xmlrpc | awk '{print $1}' | sort | uniq

 

Unix Commands to Check Server Logs For Security: Networking

 

It is important to check the networking at random intervals. If you run this command (Control+C quits):

    sudo watch netstat -anlp

you'll get an idea of the open requests towards the ports. netstat -na is a great basic tool which can rule out DDoS attacks on IaaS. I expect that the table for:

    netstat -an | grep :443 | sort

will be larger than:

    netstat -an | grep :80 | sort

for this website. This is an HSTS website. I can see the IP addresses sending requests:

    netstat -ntu | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n
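The one-liner above also counts netstat's two header lines and, because it cuts at the first colon, collapses every IPv6 peer to its first group. This added example (not from the original guide) counts connections per remote address while skipping headers and stripping only the trailing port. The function name, the optional state filter and the sample output are constructed for illustration.

```shell
#!/bin/sh
# Added example: connections per remote peer from `netstat -ntu` output,
# with header lines skipped and IPv6 addresses kept intact.

# Constructed sample of `netstat -ntu` output (documentation addresses).
sample_netstat() {
cat <<'EOF'
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 192.0.2.1:443           203.0.113.7:51844       ESTABLISHED
tcp        0      0 192.0.2.1:443           203.0.113.7:51850       ESTABLISHED
tcp        0      0 192.0.2.1:443           203.0.113.7:51851       SYN_RECV
tcp        0      0 192.0.2.1:80            198.51.100.23:40022     TIME_WAIT
tcp6       0      0 2001:db8::1:443         2001:db8::beef:55012    ESTABLISHED
tcp6       0      0 2001:db8::1:443         2001:db8::beef:55013    ESTABLISHED
udp        0      0 192.0.2.1:123           198.51.100.99:123       ESTABLISHED
EOF
}

# Usage: netstat -ntu | conns_per_peer [STATE]
# Prints "COUNT PEER" in ascending order, like the original `sort -n`.
# With STATE (e.g. SYN_RECV) only connections in that state are counted.
conns_per_peer() {
    awk -v st="${1:-}" '
        $1 ~ /^(tcp|udp)/ && (st == "" || $6 == st) {
            peer = $5
            sub(/:[0-9*]+$/, "", peer)   # drop only the trailing :port
            count[peer]++
        }
        END { for (p in count) print count[p], p }
    ' | sort -k1,1n -k2,2
}

# Run on the constructed sample.
sample_netstat | conns_per_peer
```

A peer with many connections stuck in one state stands out with the filter, for example `netstat -ntu | conns_per_peer SYN_RECV`.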

Last but not least, top is definitely one of the top-notch basic commands to check system resource usage on the go. Press Q to quit it. This is a server under attack, with the attack eating up the full memory (shown with yellow lines). Obviously, if you have never checked the maximum memory consumed at the highest load with a known amount of traffic shown in software like Google Analytics, a normal situation will appear as “under attack”.


These commands are fewer than what you really should know, but still better than knowing nothing.
