HOWTO: The Computer Classroom July 7, 2001  
4.1 Check Logs and Processes

If something goes wrong with your system, you can read through your logs to find out what happened. The makers of Portsentry also have another tool that makes checking errant log entries easier: Logcheck. Logcheck emails you log entries every hour, letting you know about the unusual events that happen on your system. To install Logcheck, type the following:

cd /usr/local/src
wget http://www.psionic.com/tools/logcheck-1.1.1.tar.gz
gunzip logcheck-1.1.1.tar.gz
tar -xf logcheck-1.1.1.tar
cd logcheck-1.1.1/systems/linux
make linux

The make command installs the Logcheck software on your system. The remaining step is to set your crontab to run Logcheck every hour (as recommended by Psionic) and mail you a list of unusual system events. Type:

crontab -e

and add the following line:

00 * * * * /usr/local/etc/logcheck.sh

Be sure to check your root email at least once a day to see if there’s any funny stuff happening on your system. Logcheck will not send any part of the system logs if nothing unusual happened.
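As an added example, not part of this HOWTO or of Psionic's Logcheck, the following POSIX shell script reproduces the core of what logcheck.sh does on each hourly run: it reads only the log lines appended since the previous run, drops lines matching a file of known-harmless patterns, and leaves the remainder as the report that would be mailed to root. The log lines and ignore patterns are constructed sample data, and the file names are assumptions.

```shell
#!/bin/sh
# Added example (not the HOWTO's or Psionic's code): a minimal Logcheck-style
# filter. Only lines added since the last run are examined (a saved line
# offset, as logtail does), and routine lines are removed by pattern.

WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT
LOG="$WORK/messages"            # assumed path; stands in for /var/log/messages
IGNORE="$WORK/ignore.patterns"  # assumed path for the "known harmless" patterns
OFFSET="$WORK/messages.offset"  # assumed path where the last line count is kept

# Constructed sample log, not taken from a real system.
cat >"$LOG" <<'EOF'
Jul  7 10:00:01 host CRON[1201]: (root) CMD (/usr/local/etc/logcheck.sh)
Jul  7 10:00:05 host sshd[1210]: Accepted password for alice from 192.0.2.10 port 4022
Jul  7 10:00:09 host sshd[1215]: Failed password for root from 198.51.100.7 port 4100
Jul  7 10:00:12 host kernel: portsentry: attackalert: Connect from host: 198.51.100.7 to TCP port: 23
EOF

# Extended regexes for routine events that should NOT be reported.
cat >"$IGNORE" <<'EOF'
CRON\[[0-9]+\]: \(root\) CMD
sshd\[[0-9]+\]: Accepted password for
EOF

# unusual_entries LOG IGNORE OFFSET
# Prints the lines appended to LOG since the previous call that match none
# of the IGNORE patterns, then stores the current line count in OFFSET.
unusual_entries() {
    last=0
    [ -f "$3" ] && last=$(( $(cat "$3") ))
    total=$(( $(wc -l <"$1") ))
    # Fewer lines than last time means the log was rotated: start from the top.
    [ "$total" -lt "$last" ] && last=0
    tail -n +"$((last + 1))" "$1" | grep -v -E -f "$2" || true
    echo "$total" >"$3"
}

# First hourly run: everything in the log is new; two lines survive the filter.
REPORT=$(unusual_entries "$LOG" "$IGNORE" "$OFFSET")
printf '%s\n' "$REPORT"   # this is what logcheck.sh would mail to root
```

Run it a second time without touching the log and nothing is reported, which is why Logcheck stays silent when nothing unusual has happened.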

Another good command to know for checking the integrity of your system is ps. When you issue the command

ps aux

the computer delivers a list of all running processes on your system (see the figure below). While you will not recognize them all at first, you should begin to recognize the common processes that should be running, and those that are extras. Pay attention to the unfamiliar processes and learn what they are. If you have any doubt about a process after researching it, kill it:

kill -9 PID

“PID” stands for the process ID: a numerical representation of each running process on the system.

© 2001 by grlucas.com; all rights reserved