Announcement

Collapse
No announcement yet.

Install a root breach DETECTOR and EMAIL WARNING

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Install a root breach DETECTOR and EMAIL WARNING

    If someone does happen to get root, be warned quickly by installing a detector and warning at your box. You will at least get the hackers/spammers ip address and be warned someone is in there.


    Server e-mail everytime someone logs in as root

    To have the server e-mail you everytime someone logs in as root, SSH into server and login as root.


    At command prompt type:
    pico .bash_profile

    Scroll down to the end of the file and add the following line:

    echo 'ALERT - Root Shell Access on:' `date` `who` | mail -s "Alert: Root Access from `who | awk '{print $6}'`" [email protected]

    Save and exit.


    Set an SSH Legal Message

    To an SSH legal message, SSH into server and login as root.

    At command prompt type:
    pico /etc/motd

    Enter your message, save and exit.
    Note: I use the following message...

    ALERT! You are entering a secured area! Your IP and login information
    have been recorded. System administration has been notified.
    This system is restricted to authorized access only. All activities on
    this system are recorded and logged. Unauthorized access will be fully
    investigated and reported to the appropriate law enforcement agencies.
Working...
X