Authentication attempts:
Location : /var/log/secureDescription : Logs all daemons which requires PAM Authentication.
Tracking all Bad Logins and Logouts:
Location : /var/log/btmpDescription : Log of all attempted bad logins to the system. Accessed via the lastb command..
Tracking all Logins and Logouts:
Location : /var/log/wtmpDescription : The wtmp file records all logins and logouts.
Last Logins:
Location : /var/log/lastlogDescription : Database times of previous user logins. The lastlog file is a database which contains info on the last login of each user.
WebDav or WebDisk Log :
Location : /usr/local/cpanel/logs/cpdavd_error_logDescription : The cpdavd daemon is "WebDav" (better known as "WebDisk") which was introduced in cPanel 11 to allow users to mount their home directory on their personal computer, always having access to the files and content...
Cphulkd Logs:
Location : /usr/local/cpanel/logs/cphulkd_errors.logDescription : cPHulk Brute Force Protection prevents malicious forces from trying to access your server's services by guessing the login password for that service....
It blacklists IPs that it thinks are trying to run a brute force attack.
Failure Logging:
Location : /var/log/faillogDescription : Faillog formats the contents of the failure log from /var/log/faillog database. It also can be used for maintains failure counters and limits. Run faillog without arguments display only list of user faillog records who have ever had a login failure.
Startup/Boot, Kernel & Hardware error messages :
Location : /var/log/dmesgDescription : dmesg is a "window" into the kernels ring-buffer. It's a message buffer of the kernel. The content of this file is referred to by the dmesg command. It shows bootlog and the hardware errors..
0 comments:
Post a Comment