Log of login and files access on fedora

Hello Linux Guru

I am facing very serious issues of begin spying.

I am sure of that. Idiots are doing that.

But I am not very well in linux, so i cannot get the log of that.

can you tell me how to find trace of file accessed, who is login, who logged when, etc.

How to check telnet. Can I disable telnet on my system, so no one can telnet at my system. Can this will affect login from remote?

I have root password.

Thanks!

Mar 17 '07 #1

Follow Post Reply

5851

arne

315

Expert 100+

Hello Linux Guru

I am facing very serious issues of begin spying.

I am sure of that. Idiots are doing that.

But I am not very well in linux, so i cannot get the log of that.

can you tell me how to find trace of file accessed, who is login, who logged when, etc.

How to check telnet. Can I disable telnet on my system, so no one can telnet at my system. Can this will affect login from remote?

I have root password.

Thanks!

Most of the things happening on your system should be reflected in /var/log/messages. But good (or evil) crackers know that, of course, and will manipulate that once they have access.

Port 23 is usually used for telnet, see /etc/services. Try 'telnet localhost 23' to see if your telnet port is open. You can try this with all ports, like 23 for ssh, 25 for smtp and so on.

See also 'man telnet'.

Mar 17 '07 #2

satya61229

Most of the things happening on your system should be reflected in /var/log/messages. But good (or evil) crackers know that, of course, and will manipulate that once they have access.

Port 23 is usually used for telnet, see /etc/services. Try 'telnet localhost 23' to see if your telnet port is open. You can try this with all ports, like 23 for ssh, 25 for smtp and so on.

See also 'man telnet'.

I tried telnet localhost 25 and it printed some messages.

I could not understand/find anything in "message".

When I tried "telnet localhost 23", it looks it is closed.

but in "25", it printed some message and it became ready for accepting input.
and now terminal is not starting.

Mar 17 '07 #3

arne

315

Expert 100+

I tried telnet localhost 25 and it printed some messages.

I could not understand/find anything in "message".

When I tried "telnet localhost 23", it looks it is closed.

but in "25", it printed some message and it became ready for accepting input.
and now terminal is not starting.

Well, if you connect with telnet to a port, you need to know the protocol of ssh, smtp or whatever you're talking to. 25 is typically the SMTP port, so you're probably connected to an SMTP daemon. Try typing 'quit' :)

What do you mean "terminal is not starting"? STMP will give you no terminal.

Mar 17 '07 #4

Motoma

3,237

Expert 2GB

Hello Linux Guru

I am facing very serious issues of begin spying.

I am sure of that. Idiots are doing that.

But I am not very well in linux, so i cannot get the log of that.

can you tell me how to find trace of file accessed, who is login, who logged when, etc.

How to check telnet. Can I disable telnet on my system, so no one can telnet at my system. Can this will affect login from remote?

I have root password.

Thanks!

If you have no trace of someone logging into your system, how (other than paranoia) are you sure that it is happening? Often, failed (and sometimes successful) login attempts are recorded daily, and emailed to the root account. Try accessing mail as root and seeing if you have any access logs.

Mar 20 '07 #5

arne

315

Expert 100+

I am facing very serious issues of begin spying.

You may also want to have a look into 'tripwire' in order to detect an intrusion.

Mar 21 '07 #6

Log of login and files access on fedora

Post your reply

Similar topics