Second Hard Drive Means Life or Death Published: Jan 15, 2006
  • Rating

    5/5

Want to be notified instantly when someone logs into your server as root? No problem, check out this nice tutorial on email notification for root logins.

Want to be notified instantly when someone logs into your server as root? No problem, check out this nice tutorial on email notification for root logins. Keeping track of who logs into your server and when is very important, especially when you're dealing with the super user account. We recommend that you use an email address not hosted on the server your sending the alert from.

So lets get started!

1.
Login to your server and su to root, I know the irony!

2. cd /root

3. pico .bashrc

4. Scroll to the end of the file then add the following:
echo 'ALERT - Root Shell Access (YourserverName) on:' `date` `who` | mail -s "Alert: Root Access from `who | cut -d"(" -f2 | cut -d")" -f1`" you@yourdomain.com

Replace YourServerName with the handle for your actual server
Replace you@yourdomain.com with your actual email address

5. Crtl + X  then Y

Now logout of SSH, close the connection and log back in! You should receive an email address of the root login alert a few minutes afterwards.

Note: This is a great tool for servers that have multiple admins or if you give someone SSH access for whatever reason, although you should give out the root password to as few people as humanly possible and be sure to change it often.

This will not magically alert you when a hacker runs the latest kernel exploit on your server and logs into SSH because they will create their own SSH/telnet connection. You should keep your system up to date, install a firewall and follow the latest security releases.
  • Rating

    5/5

Related Articles

Comments (2)

  • Gravatar - Deano
    Deano 16:10, January 29, 2006
    Thx for the article, I never really thought about this until I read your article.<br />
    <br />
    Currently Im looking for an alternative dedicated server host called 123-reg.<br />
    <br />
    Im having around 10gb bandwidth aday, so bandwidth and uptime is a major issue I have.<br />
    <br />
  • Gravatar - runningyour.com
    runningyour.com 08:16, August 7, 2006
    Great article! Having backups is crucial! However, second harddrive itself won't save you - make sure you have a copy of your backups at home or at work or somewhere else. Why? Because your serving hosting company can wipe them accidentally. It happened to me - they were performing OS reload on the first harddrive and destroyed my backups on my second harddrive even though I repeatedly asked them not to do it! True story... I'm glad I had backups at home!<br />
    <br />
    Michael

Add Your Thoughts

WebHostGear.com is a hosting directory, not a web host.

Copyright © 1998-2019 WebHostGear.com