Network Security Hacks, 2nd Edition

by Andrew Lockhart
October 2006
Content level: Intermediate to advanced
478 pages
12h 11m
English
O'Reilly Media, Inc.
Content preview from Network Security Hacks, 2nd Edition

Chapter 8. Logging

Hacks 79–86

Keeping logs is an important aspect of maintaining the security of your network, because logs can assist in everything from alerting you to an impending attack to debugging network problems. After an incident has occurred, good logs can help you track down how the attacker got in, fix the security hole, and figure out which machines were affected. In addition, logs can help with tracing the attack back to its source, so you can identify or take legal action against the intruder. In short, log files are worth their weight in gold (just pretend that bits and bytes weigh a lot). As such, they should be given at least as much protection as any other information that’s stored on your servers—even the patent schematics for your perpetual motion machine.

This chapter deals mostly with various ways to set up remote logging, whether you’re setting up a simple central syslogd for your servers to log to, setting up your Windows machines to log events to your syslog server, or using syslog-ng to collect logs from remote sites through an encrypted TCP connection. Using these methods, you can ensure that your logs are sitting safely on a dedicated server that’s running minimal services, to decrease the chance that the logs will be compromised.

Once you have all your logs collected in a central place, what can you do with them? This chapter also covers ways to summarize your logs into reports that are easy to read and understand, so you can quickly spot the most pertinent ...


Publisher Resources

ISBN: 0596527632