
Examining System Logs


Notes:

  1. Syslogd controls the logging of messages from the kernel, various daemons, authorization events, etc.

  2. The configuration file for syslogd is /etc/syslog.conf

  3. On floppix, system logs are recorded on virtual console 8. Press [alt][F8] to view the logs.

  4. Note: some utilities create their own log files so some information that is not saved by syslog may still be logged.
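
How syslogd decides which messages reach a destination such as virtual console 8, shown as an added example that is not part of the original lab. The sample configuration is constructed (it is not the floppix /etc/syslog.conf), parse_rules and destinations are hypothetical helper names, and only the plain, "=", "*" and "none" priority forms of the selector syntax are handled.

```python
PRIORITIES = ["emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"]
FACILITIES = ["auth", "authpriv", "cron", "daemon", "kern", "lpr", "mail",
              "news", "syslog", "user", "uucp"] + [f"local{i}" for i in range(8)]

# Constructed sample in syslog.conf syntax, NOT the real floppix configuration.
SAMPLE_CONF = """\
# everything at info or above to virtual console 8, except mail
*.info;mail.none        /dev/tty8
auth,authpriv.*         /var/log/auth.log
cron.=info              /var/log/cron.log
kern.warning            /dev/console
"""

def parse_rules(text):
    """Return [(mask, action)]; mask maps facility -> set of accepted priorities."""
    rules = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        selectors, action = line.split(None, 1)
        mask = {f: set() for f in FACILITIES}
        for sel in selectors.split(";"):          # selectors apply left to right
            facs, prio = sel.rsplit(".", 1)
            names = FACILITIES if facs == "*" else facs.split(",")
            if prio == "none":                    # exclude these facilities
                accepted, replace = set(), True
            elif prio == "*":                     # every priority
                accepted, replace = set(PRIORITIES), True
            elif prio.startswith("="):            # exactly this priority
                accepted, replace = {prio[1:]}, False
            else:                                 # this priority and more severe
                accepted, replace = set(PRIORITIES[:PRIORITIES.index(prio) + 1]), False
            for f in names:
                mask[f] = set(accepted) if replace else mask[f] | accepted
        rules.append((mask, action.strip()))
    return rules

def destinations(rules, facility, priority):
    """Actions that would receive a message logged as facility.priority."""
    return [action for mask, action in rules if priority in mask[facility]]

if __name__ == "__main__":
    rules = parse_rules(SAMPLE_CONF)
    for fac, prio in [("authpriv", "notice"), ("mail", "info"), ("cron", "info"), ("kern", "debug")]:
        print(f"{fac}.{prio:8} -> {destinations(rules, fac, prio) or 'not logged'}")
```

An empty result means no rule selects that facility and priority, which is one reason an action in the exercise may leave nothing on the log console.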


Exercise:

This lab involves executing various commands and then checking in the log to see if the event was logged. System logs are most useful if you can identify normal and abnormal entries. So this is the time to look at normal activities and the log entries they generate. For each of the following, do the required action and then switch to virtual console 8 to view the log entry. Note: some activities may not generate log messages.

  1. Load floppix but do NOT log in.
    Switch to virtual console 8 to view the log messages.
    What types of activities are logged during system startup?
     

  2. What is the last entry in the log?
     

  3. Log in using your own initials. What log entry (if any) was generated?
     

  4. Enter the command "su -" to become root. What log entry (if any) was generated?


  5. Determine your IP address (ifconfig). What log entry (if any) was generated?


  6. "telnet localhost". What log entry (if any) was generated?


  7. At the login prompt for the telnet session, log in as alterego. What log entry (if any) was generated?


  8. Log out of the telnet session. What log entry (if any) was generated?


  9. Use vi to edit the file /etc/hosts.allow. This file and /etc/hosts.deny control which other systems are allowed to make certain types of network connections to your system. At the moment, no one else is allowed to connect to your system, but you can make a network connection to yourself. Currently the last line of this file reads "ALL: 127.0.0.1". Change it to "in.ftpd: 127.0.0.1". What log entry (if any) was generated when you edited this file?
     

  10. "telnet localhost". This time, what log entry (if any) was generated?
     

  11. Read the mail message(s) for root. What log entry (if any) was generated?
     

  12. Change the owner of getme to alterego. What log entry (if any) was generated?


  13. "exit" from the root account. What log entry (if any) was generated?


  14. "ftp localhost" and log in as alterego. What log entry (if any) was generated?


  15. Download getme and quit. What log entry (if any) was generated?


  16. Send email to alterego. What log entry (if any) was generated?


  17. Create a crontab to echo Study Linux every minute. What log entry (if any) was generated?


  18. Wait one minute (until your crontab runs at least once). What log entry (if any) was generated?


  19. Delete the crontab. What log entry (if any) was generated?


  20. Change your password. What log entry (if any) was generated?


  21. Put floppix disk 1 in the floppy drive and mount it. What log entry (if any) was generated?
     

  22. Eject the floppy and then "umount /floppy". What log entry (if any) was generated?
     

Copyright © L.M.MacEwan