470,590 Members | 2,521 Online
Bytes | Developer Community
New Post

Home Posts Topics Members FAQ

Post your question to a community of 470,590 developers. It's quick & easy.

Log of login and files access on fedora

Hello Linux Guru

I am facing very serious issues of begin spying.

I am sure of that. Idiots are doing that.

But I am not very well in linux, so i cannot get the log of that.

can you tell me how to find trace of file accessed, who is login, who logged when, etc.

How to check telnet. Can I disable telnet on my system, so no one can telnet at my system. Can this will affect login from remote?

I have root password.

Thanks!
Mar 17 '07 #1
5 5851
arne
315 Expert 100+
Hello Linux Guru

I am facing very serious issues of begin spying.

I am sure of that. Idiots are doing that.

But I am not very well in linux, so i cannot get the log of that.

can you tell me how to find trace of file accessed, who is login, who logged when, etc.

How to check telnet. Can I disable telnet on my system, so no one can telnet at my system. Can this will affect login from remote?

I have root password.

Thanks!
Most of the things happening on your system should be reflected in /var/log/messages. But good (or evil) crackers know that, of course, and will manipulate that once they have access.

Port 23 is usually used for telnet, see /etc/services. Try 'telnet localhost 23' to see if your telnet port is open. You can try this with all ports, like 23 for ssh, 25 for smtp and so on.

See also 'man telnet'.
Mar 17 '07 #2
Most of the things happening on your system should be reflected in /var/log/messages. But good (or evil) crackers know that, of course, and will manipulate that once they have access.

Port 23 is usually used for telnet, see /etc/services. Try 'telnet localhost 23' to see if your telnet port is open. You can try this with all ports, like 23 for ssh, 25 for smtp and so on.

See also 'man telnet'.
I tried telnet localhost 25 and it printed some messages.

I could not understand/find anything in "message".

When I tried "telnet localhost 23", it looks it is closed.

but in "25", it printed some message and it became ready for accepting input.
and now terminal is not starting.
Mar 17 '07 #3
arne
315 Expert 100+
I tried telnet localhost 25 and it printed some messages.

I could not understand/find anything in "message".

When I tried "telnet localhost 23", it looks it is closed.

but in "25", it printed some message and it became ready for accepting input.
and now terminal is not starting.
Well, if you connect with telnet to a port, you need to know the protocol of ssh, smtp or whatever you're talking to. 25 is typically the SMTP port, so you're probably connected to an SMTP daemon. Try typing 'quit' :)

What do you mean "terminal is not starting"? STMP will give you no terminal.
Mar 17 '07 #4
Motoma
3,237 Expert 2GB
Hello Linux Guru

I am facing very serious issues of begin spying.

I am sure of that. Idiots are doing that.

But I am not very well in linux, so i cannot get the log of that.

can you tell me how to find trace of file accessed, who is login, who logged when, etc.

How to check telnet. Can I disable telnet on my system, so no one can telnet at my system. Can this will affect login from remote?

I have root password.

Thanks!
If you have no trace of someone logging into your system, how (other than paranoia) are you sure that it is happening? Often, failed (and sometimes successful) login attempts are recorded daily, and emailed to the root account. Try accessing mail as root and seeing if you have any access logs.
Mar 20 '07 #5
arne
315 Expert 100+
I am facing very serious issues of begin spying.
You may also want to have a look into 'tripwire' in order to detect an intrusion.
Mar 21 '07 #6

Post your reply

Sign in to post your reply or Sign up for a free account.

Similar topics

6 posts views Thread by andRea | last post: by
8 posts views Thread by lightcap | last post: by
2 posts views Thread by Chris Newby | last post: by
6 posts views Thread by cyndithomas via AccessMonster.com | last post: by
By using this site, you agree to our Privacy Policy and Terms of Use.