/usr/lib/tiger/html/logfiles.html is in tiger 1:3.2.4~rc1-1.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 | <HR><PRE>
</PRE><HR>
<CENTER><H2> Documents for logfiles</H2></CENTER>
<A NAME="logf001f"><P><B>Code [logf001f]</B><P>
The log file "wtmp" should exist to show an audit trail of which user has
logged into the server. This file is accessed by the command "last".
It might not exist due to a system configuration error or an
intruder that has tried to cover this tracks by removing it.
<PRE>
</PRE><HR>
<A NAME="logf002f"><P><B>Code [logf002f]</B><P>
The log file "btmp" should exist to log a list of bad logins.
This file is accessed using the command "lastb".
It might not exist due to a system configuration error or an
intruder that has tried to cover this tracks by removing it.
<PRE>
</PRE><HR>
<A NAME="logf003f"><P><B>Code [logf003f]</B><P>
The log file "lastlog" should exist to show a user's most recent login
session on the server. This file is accessed by the command "lastlog".
It might not exist due to a system configuration error or an
intruder that has tried to cover this tracks by removing it.
<PRE>
</PRE><HR>
<A NAME="logf004f"><P><B>Code [logf004f]</B><P>
The log file "utmp" should exist so that a list of current users on the
server can be listed. This is accessed by the command "who".
It might not exist due to a system configuration error or an
intruder that has tried to cover this tracks by removing it.
<PRE>
</PRE><HR>
<A NAME="logf005f"><P><B>Code [logf005f]</B><P>
The log file does not have proper permissions set. It is recommended that
you change the permissions to those suggested for these file.
<PRE>
</PRE><HR>
<A NAME="logf005w"><P><B>Code [logf005w]</B><P>
There are no umask entries in the configuration file. It is recommended
that there are umask entries set in the configuration file.
<PRE>
</PRE><HR>
<A NAME="logf006f"><P><B>Code [logf006f]</B><P>
The log file "loginlog" should exist to show a user login attempts
on the server.
It might not exist due to a system configuration error or an
intruder that has tried to cover this tracks by removing it.
<PRE>
</PRE><HR>
<A NAME="logf007f"><P><B>Code [logf007f]</B><P>
The log file "messages" should exist to show a trace of the system logs
(including reboots and kernel messages), it is also often used by the
syslog daemon to log information. The contents of the "messages" logfile
depends upon the configuration of the syslog.conf and varies by
distribution and/or system administrator preference.
It might not exist if you have configured your system to use a
different file for logging or if an intruder has tried to cover
his tracks by removing it since the messages file might contain
bad login attempts from local users and remote hosts.
|