System Security Monitor root access

Security of the server always come first , especially web server which access by the worldwide and hackers always keep eyes on those server's.
So, its good if you have system which automatically send a email notification via email whenever someone logs in as root on your system.
To configure the automatic email alert notification to a email address on each incident of root log on on the server, use the following guide.
Login to the server via SSH using as root ID.
  • Ensure that you’re at home directory of root. The open up the .bash_profile for editing using pico or vi by typing one of the following commands at linux command shell:
    pico .bash_profilevi .bash_profile
  • Scroll down to the end of the file and add the following line:
    echo 'ALERT - Root Shell Access on:' `date` `who` mail -s "Alert: Root Access from `who cut -d"(" -f2 cut -d")" -f1`" user@example.com
    Replace user@email.com with the actual email account address that you want to the root access alert notification been sent to. Note that you can change the text contains in the email alert too. The text starting with first ALERT is written as email body, and you can add in other info such as host name or change the wordings. The second Alert is the email title which you can change to your own too.

Note that you can change the text contains in the email alert too. The text starting with first ALERT is written as email body, and you can add in other info such as host name or change the wordings. The second Alert is the email title which you can change to your own too.

Now logout and login again as root, you should receive an email alert at your inbox. The security trick should works on most popular flavor of Linux such as RedHat, CentOS, Ubuntu, FreeBSD and etc.

Comments

Post a Comment

Popular posts from this blog

How do I Use the Linux Top Command?

The Unix top command is designed to help users determine which processes are running and which applications are using more memory or processing power than they should be. The top command is very easy to use but you should know the things in details. The output of to is : top output: top - 22:09:08 up 14 min, 1 user, load average: 0.21, 0.23, 0.30 Tasks: 81 total, 1 running, 80 sleeping, 0 stopped, 0 zombie Cpu(s): 9.5%us, 31.2%sy, 0.0%ni, 27.0%id, 7.6%wa, 1.0%hi, 23.7%si, 0.0%st Mem: 255592k total, 167568k used, 88024k free, 25068k buffers Swap: 524280k total, 0k used, 524280k free, 85724k cached PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND 3166 apache 15 0 29444 6112 1524 S 6.6 2.4 0:00.79 httpd 3161 apache 15 0 29444 6112 1524 S 5.9 2.4 0:00.79 httpd 3164 apache 15 0 29444 6112 1524 S 5.9 2.4 0:00.75 httpd 3169 apache 15 0 29444 6112 1524 S 5.9 2.4 0:00.74 httpd 3163 apache 15
Read more

IOPS measurement

Image
IOPS (input/output operations per second) is the standard unit of measurement for the maximum number of reads and writes to non-contiguous storage locations of devices like hard disk drives (HDD), solid state drives (SSD), and storage area networks (SAN). IOPs is often measured with an open source network testing tool called an Iometer. Some commonly accepted averages for random IO operations, calculated as 1/(seek + latency) = IOPS:  IOPS calculations Every disk in your storage system has a maximum theoretical IOPS value that is based on a formula. Disk performance — and IOPS — is based on three key factors: Rotational speed (aka spindle speed). Measured in revolutions per minute (RPM), most disks you'll consider for enterprise storage rotate at speeds of 7,200, 10,000 or 15,000 RPM with the latter two being the most common. A higher rotational speed is associated with a higher performing disk. This value is not used directly in calculations, but it is highly i
Read more