Well welcome back guys to my blog on Tips for Linux server monitoring the activities on Linux server.
The following tips will allow you to monitor the activity on Linux server.Its start with the few assumptions like
like installation of mail agent etc .
so lets start with it.
First of all you need to have internet connectivity on server if so then by default postfix is installed on you server so you can go for it else if you don't have internet connectivity and you have mail server configured on some other server This can be the code when you are running payment-gateway on server and PCI slandered won't allow you to so so then
Install mailx as a client to send a mail so that you can use a command mail to send a mail
#yum install mailx
Install ssmtp on your Centos server and open the /etc/ssmtp/ssmtp.conf
# vim /etc/ssmtp/ssmtp.conf file
the added the following line to the file make sure you change the email address and password as per your mail server configuration.
for simplicity and to cover more point i am taking gmail as my mailing server not the default postfix.
and we will receive a mail for it.
Then open /etc/aliases
vim /etc/aliases
and find the like look like this
# Person who should get root's mail
#root: marc
and change this to look like this
# Person who should get root's mail
root: vijay99867206455@gmail.com
as written in file dont forget to fire newaliases command
#newaliases
the simply login as user other than root and try to use sudo with wrong password and you will see you start getting alart for then too for any security breach or any unwanted activity you start getting alert.Its a very small tip but will help you alot for handing large servers for more convinces if you server's ip is 192.168.1.100 then change the host name to 192-168-1-10 or some thing like this so you will get the more clue if you are handling large number of servers
Thanks guys letme know if you have any issue you can mail me on my mail id
The following tips will allow you to monitor the activity on Linux server.Its start with the few assumptions like
- you are using CentOS server
- You are also having minimal installation of Centos
like installation of mail agent etc .
so lets start with it.
First of all you need to have internet connectivity on server if so then by default postfix is installed on you server so you can go for it else if you don't have internet connectivity and you have mail server configured on some other server This can be the code when you are running payment-gateway on server and PCI slandered won't allow you to so so then
Install mailx as a client to send a mail so that you can use a command mail to send a mail
#yum install mailx
Install ssmtp on your Centos server and open the /etc/ssmtp/ssmtp.conf
# vim /etc/ssmtp/ssmtp.conf file
the added the following line to the file make sure you change the email address and password as per your mail server configuration.
for simplicity and to cover more point i am taking gmail as my mailing server not the default postfix.
AuthUser=vijay9867206455@gmail.com
AuthPass=xxxxxxxx
FromLineOverride=YES
mailhub=smtp.gmail.com:587
UseSTARTTLS=YES
TLS_CA_File=/etc/pki/tls/certs/ca-bundle.crt
AuthPass=xxxxxxxx
FromLineOverride=YES
mailhub=smtp.gmail.com:587
UseSTARTTLS=YES
TLS_CA_File=/etc/pki/tls/certs/ca-bundle.crt
I have added the last line as while using the gmail you will get a typical error that can not connect to smtp.gmail.com and to avoid the error I have added the below line for the TLS certificate.
then close the file and execute the following commands
# service sendmail stop && service postfix stop
# chkconfig sendmail off
# mv /usr/sbin/sendmail /usr/sbin/sendmail.old
# ln -s /usr/sbin/ssmtp /usr/sbin/sendmail
so good so then strat the postfix service and we will try to send a sample mail by using following command.
#echo "This is a test" | mail -s "Test" vijay9867206455@gmail.com
and we will receive a mail for it.
Then open /etc/aliases
vim /etc/aliases
and find the like look like this
# Person who should get root's mail
#root: marc
and change this to look like this
# Person who should get root's mail
root: vijay99867206455@gmail.com
as written in file dont forget to fire newaliases command
#newaliases
the simply login as user other than root and try to use sudo with wrong password and you will see you start getting alart for then too for any security breach or any unwanted activity you start getting alert.Its a very small tip but will help you alot for handing large servers for more convinces if you server's ip is 192.168.1.100 then change the host name to 192-168-1-10 or some thing like this so you will get the more clue if you are handling large number of servers
Thanks guys letme know if you have any issue you can mail me on my mail id