User commands and logs

Circumstantial Evidence

All these logs and commands are a lot to learn. Fortunately, much of the information they offer is easy to read and understand.

In many cases, too, you only need one or two of these information sources in any given context. For example, if you suspect that an account password has been compromised, probably all you need to do is examine lastlog for login attempts at a time when the legitimate user was away from the keyboard. Similarly, a corporate administrator might want to use w to see whether the processes a user is running during office hours include PySol and Battle of Wesnoth.

In other words, it's all about choosing the right tool for the job at hand. Familiarize yourself with these logs and tools in a general way, and you will generally be able to know which tool you should use in any particular circumstance.

The Author

Bruce Byfield is a computer journalist and a freelance writer and editor specializing in free and open source software. In addition to his writing projects, he also teaches live and e-learning courses. In his spare time, Bruce writes about Northwest coast art. You can read more of his work at http://brucebyfield.wordpress.com

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy Linux Magazine

SINGLE ISSUES
 
SUBSCRIPTIONS
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

  • Introducing Bash

    Beyond all the splash screens, screen savers, and vivid rock-star wallpaper is the simple yet powerful Bash shell.

  • Command Line: More Secure Passwords

    Even with encrypted drives, account passwords remain one of the prime security methods for any Linux system. With a little knowledge of the available commands and their options, you can make your account passwords more secure.

  • Bash Tricks

    The Bash shell is powerful and infinitely expressive. In this article we describe some tricky techniques you can use to enhance and customize your Bash environment.

  • Command Line – Killing Processes

    Linux offers a variety of tools for shutting down systems and processes. We describe some important commands.

  • Command Line: User Accounts

    Linux is a multiuser system: many users can work at the same machine at the same time on separate accounts. In this month’s column, we take a close look at how to create and manage Linux user accounts from the command line.

comments powered by Disqus