–WARN– [perm006w] /root/.bashrc should not have group read. (Web host forum)
–WARN– [perm006w] /root/.bashrc should not have group read. –WARN– [perm006w] /root/.bashrc should not have world read. –WARN– [perm006w] /root/.cshrc should not have group read. –WARN– [perm006w] /root/.cshrc should not have world read. –FAIL– [perm007f] /etc/aliases should not have group read. –FAIL– [perm007f] /etc/aliases should not have world read. The security report is divided into sections with each section labeled with a comment. In the above example, the NFS exports section has two problems. The /home and /var partitions are exported without restrictions. The system file permissions section reports several problems. Some are labeled with –WARN– in front of them. These are not as critical as the ones with –FAIL– in front of them. Nevertheless, in both cases you should use the chown or chgrp command to alter the permissions. Detecting Intrusions from Log Files Preparing your system for a cracker attack is only part of the battle. You must also recognize a cracker attack when it is occurring. Understanding the various log files in which Red Hat Linux records important events is critical to this goal. The log files for your Red Hat Linux system can be found in the /var/log directory. You can cd to that directory and use the ls command to list its contents. Table 14-8 lists some of the log files. Table 14-8: Log Files in the /var/log Directory Filename Description boot.log Contains messages indicating which systems services have started up and shut down successfully and which (if any) have failed to start or stop. cron Contains status messages from the crond, a daemon that periodically runs scheduled jobs, such as backups and log file rotation. dmesg A recording of messages printed by the kernel when the system boots. lastlog The latest login date and time for each user on the system. log.smb Messages from the Samba SMB file service daemon. maillog Contains information about addresses to which and from which e-mail was sent. Useful for detecting spamming. messages A general-purpose log file to which many programs record messages. news Directory containing logs of messages from the Usenet News server, if you are running one. secure Records the date, time, and duration of login attempts and sessions. sendmail Error messages recorded by the sendmail daemon. uucp Status messages from the Unix to Unix Copy Protocol daemon. wtmp Information about who is currently logged into the system and what he or she is doing. (This is not a text file, so you must use tools such as the who command to see the information.) xferlog Information about files transferred using the FTP service. The role of syslogd Most of the files in the /var/log directory are maintained by the syslogd process. The syslogd daemon is the System Logging Daemon. It accepts log messages from a variety of other programs and writes them to the appropriate log files. This is better than having every program write directly to its own log file because it allows you to centrally manage how log files are handled. It is possible to configure syslogd to record varying levels of detail in the log files. It can be told to ignore all but the most critical message, or it can record every tiny detail.
We highly recommend you visit web and email hosting services if you need stable and cheap web hosting platform for your web applications.