Re: [Rkhunter-users] syslog remote logging detection
Brought to you by:
dogsbody
From: <un...@hu...> - 2007-02-27 00:45:28
|
Hello JJ, On Mon, 26 Feb 2007 21:39:37 +0100 John Fitzgerald <jjf...@gm...> wrote: >A quick heads-up/note/question regarding syslog remote logging >detection >with rkhunter. >ps -auwwx | grep syslogd > >to find out if syslogd is running with the -f parameter pointing >to another syslog.conf file which might have remote logging specified. Good one, thanks. I'll add it to the todo list. Regards, unSpawn RKHTMPVAR="" for TMPVAR in `\ps -auwwx | grep syslogd | awk -F'-f' '{print $2}'`; do if [ -f "$TMPVAR" ]; then RKHTMPVAR=$TMPVAR; break; fi; done if [ -z $RKHTMPVAR ]; then echo "Syslogd using regular configuration file." else echo "Syslogd using alternative configuration file: $RKHTMPVAR."; fi -- Click to lower your debt and consolidate your monthly expenses http://tagline.hushmail.com/fc/CAaCXv1QPRVFZ453jVFZmv3d9DZoVUYS/ |