Re: [Rkhunter-users] syslog remote logging detection
Brought to you by:
dogsbody
Menu
▾
▴
Re: [Rkhunter-users] syslog remote logging detection
|
From: <un...@hu...> - 2007-02-27 00:45:28
|
Hello JJ,
On Mon, 26 Feb 2007 21:39:37 +0100 John Fitzgerald
<jjf...@gm...> wrote:
>A quick heads-up/note/question regarding syslog remote logging
>detection
>with rkhunter.
>ps -auwwx | grep syslogd
>
>to find out if syslogd is running with the -f parameter pointing
>to another syslog.conf file which might have remote logging
specified.
Good one, thanks.
I'll add it to the todo list.
Regards, unSpawn
RKHTMPVAR=""
for TMPVAR in `\ps -auwwx | grep syslogd | awk -F'-f' '{print
$2}'`; do
if [ -f "$TMPVAR" ]; then RKHTMPVAR=$TMPVAR; break; fi; done
if [ -z $RKHTMPVAR ]; then echo "Syslogd using regular
configuration file."
else echo "Syslogd using alternative configuration file:
$RKHTMPVAR."; fi
--
Click to lower your debt and consolidate your monthly expenses
http://tagline.hushmail.com/fc/CAaCXv1QPRVFZ453jVFZmv3d9DZoVUYS/
|