Re: question about security logs

["????????? ?????????" <na () avacom ru>]

I think the best is check firewall logs & error logs. In firewall logs you 
can see who scan ports on your server also you can see lot of fun =) from 
script kiddie. And in error log you can see any error in your system, it 
may be not only security.
----- Original Message ----- 
From: "Tahis Vera" <tahis.vera () gmail com>
To: "Security Basics" <security-basics () securityfocus com>
Sent: Thursday, June 30, 2005 1:11 PM
Subject: question about security logs


Hi all,
Pardon me if the question is too basic, but I wanted to know which
logs are the most important to check everyday for security purposes
(I'm using Linux Debian).
I check auth.log daily, and the accesses for some programs, but I read
some articles that say that there are logs that must be checked
regularly in the system in order to keep safe and identify possible
intrusions/activity in the network.

thanks

tahis