Logs
Big brother is watching you
Stefan FODOR (backb0ne fl00d3r)
Lucky-Day from May
Log
Overview
What is?
Example..
Iptables and logs
Introducing snort
Live Demo?
Questions?
What are Log Files?
Records an event
Normal behavior
Warning
Errors
Other anomalies
Data usually saved
Date+time
Code
Error/warning message
Program or user who generated it
Used to
Debug
Trace errors
Check for intrusions
Statistics
/var/log
Kernel Logs
Log, warn, err
dmesg
Web server
apt
logrotate
Dmesg messages from kernel
For the untrained eyes
For the trained eyes
File dependency legit request
Legit request
SQL injection?
?
iptables and log files
$ iptables -A INPUT -j LOG --log-level 4
Store iptables logs to /var/log/iptables.log
$ nmap 192.168.1.20
Nmap and iptables
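Added example, not part of the original slides: a small parser for the lines that the LOG rule above writes, flagging any source that touches many distinct destination ports on one host, which is the pattern a port scan leaves in /var/log/iptables.log. The log lines are constructed in the usual kernel key=value LOG layout; the host name, the addresses other than 192.168.1.20 and the 10-port threshold are assumptions, and time windows are ignored.

```python
import re
from collections import defaultdict

def _line(src, dpt, flags="SYN"):
    """Build one constructed iptables LOG line (kernel key=value layout)."""
    return (f"May 12 10:15:01 fw kernel: [ 1042.51] IN=eth0 OUT= "
            f"MAC=00:11:22:33:44:55:66:77:88:99:aa:bb:08:00 "
            f"SRC={src} DST=192.168.1.20 LEN=44 TOS=0x00 PREC=0x00 TTL=64 "
            f"ID=4711 PROTO=TCP SPT=40000 DPT={dpt} WINDOW=1024 RES=0x00 "
            f"{flags} URGP=0")

# Constructed sample: one source probing 12 ports, one ordinary web client,
# and one unrelated kernel message that must be skipped.
SCANNED_PORTS = (21, 22, 23, 25, 80, 110, 139, 443, 445, 3306, 3389, 8080)
SAMPLE_LOG = [_line("192.168.1.10", p) for p in SCANNED_PORTS]
SAMPLE_LOG += [_line("192.168.1.30", 80, "ACK PSH") for _ in range(20)]
SAMPLE_LOG.append("May 12 10:15:02 fw kernel: [ 1043.00] usb 1-1: new USB device")

FIELD = re.compile(r"\b([A-Z]+)=(\S*)")

def parse(line):
    """Return the KEY=value fields of an iptables LOG line, else None."""
    if " IN=" not in line or " SRC=" not in line:
        return None  # some other kernel message
    return dict(FIELD.findall(line))

def find_scanners(lines, min_ports=10):
    """Map (SRC, DST) -> sorted distinct DPTs for pairs with >= min_ports ports."""
    ports = defaultdict(set)
    for line in lines:
        f = parse(line)
        if f and f.get("PROTO") in ("TCP", "UDP") and f.get("DPT", "").isdigit():
            ports[(f["SRC"], f["DST"])].add(int(f["DPT"]))
    return {k: sorted(v) for k, v in ports.items() if len(v) >= min_ports}

if __name__ == "__main__":
    for (src, dst), dpts in find_scanners(SAMPLE_LOG).items():
        print(f"possible port scan: {src} -> {dst}, "
              f"{len(dpts)} distinct ports: {dpts}")
```

The web client at 192.168.1.30 logs more packets than the scanner but only one destination port, so counting distinct ports rather than packets keeps it out of the result.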
Snort and log files
Installed snort
Set rules for nmap
Configured log file
BASE interface
Run nmap
Regular Nmap Scan
Stealth Scan + OS Det
Live Demo?
(As needed)
Questions?