ARTICLES
Linux
Log Files :-
/var/log Directory
- Log files are located under the /var/log directory and its sub-directories on Linux.
- You can change to this directory using the cd command.
- You need to be the root user to view or access log files on Linux or Unix-like operating systems.
How do I view log files on Linux?
Open the Terminal or log in as the root user using the ssh command.
Go to the /var/log directory using the following cd command:
# cd /var/log
To list files, use the following ls command:
# ls
To view a common log file called /var/log/messages, use any one of the following commands:
[root@DT03218IT ~]# less /var/log/messages
[root@DT03218IT ~]# more -f /var/log/messages
[root@DT03218IT ~]# cat /var/log/messages
[root@DT03218IT ~]# tail -f /var/log/messages
[root@DT03218IT ~]# grep -i error /var/log/messages
Common Linux log file names and usage
/var/log/messages : General messages (logged during system startup) and system-related stuff (including mail, cron, daemon, kern, auth, etc.)
/var/log/auth.log : Authentication logs
/var/log/kern.log : Kernel logs
/var/log/cron.log : Crond logs (cron job)
/var/log/maillog : Mail server logs
/var/log/qmail/ : Qmail log directory (more files inside this directory)
/var/log/httpd/ : Apache access and error logs directory
/var/log/lighttpd/ : Lighttpd access and error logs directory
/var/log/boot.log : System boot log
/var/log/mysqld.log : MySQL database server log file
/var/log/secure or /var/log/auth.log : Authentication log
/var/log/utmp or /var/log/wtmp : Login records file
/var/log/yum.log : Yum command log file
/var/log/faillog : Contains failed user login attempts
/var/log/lighttpd/ : Contains the lighttpd access_log and error_log
/var/log/conman/ : Log files for the ConMan client. conman connects to remote consoles that are managed by the conmand daemon.
/var/log/prelink/ : The prelink program modifies shared libraries and linked binaries to speed up the startup process. /var/log/prelink/prelink.log contains information about the .so files that were modified by prelink.
/var/log/audit/ : Contains log information stored by the Linux audit daemon (auditd)
/var/log/setroubleshoot/ : SELinux uses setroubleshootd
/var/log/samba/ : Contains log information stored by samba
/var/log/sa/ : Contains the daily sar files that are collected by the sysstat package
/var/log/sssd/ : Used by the system security services daemon, which manages access to remote directories and authentication mechanisms
[root@DT03218IT ~]# who
root     tty1   2013-12-09 10:44
root     pts/0  2013-12-09 10:29 (10.0.2.2)
sysadmin pts/1  2013-12-09 10:31 (10.0.2.2)
harry    pts/2  2013-12-09 10:39 (10.0.2.2)
In the above case, I am the sole user of the system. I was running the server from an Oracle VirtualBox and accessing it as root from both the console and an SSH session. Two other user accounts (sysadmin and harry) were also accessing the system.
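The authentication log listed above (/var/log/secure or /var/log/auth.log) is where password failures show up. The following is an added example, not part of the original article: it counts failed sshd passwords per source address and reports accounts that were logged into after repeated failures. The sample log lines are constructed, and the function names are this example's own.

```shell
#!/bin/sh
# Added example: summarise sshd password failures from an authentication log
# (/var/log/secure on Red Hat style systems, /var/log/auth.log on Debian style).

# Constructed sample lines in the usual sshd syslog format (not real data).
sample_auth_log() {
cat <<'EOF'
Dec  9 10:27:02 DT03218IT sshd[2101]: Failed password for root from 10.0.2.2 port 51001 ssh2
Dec  9 10:27:09 DT03218IT sshd[2101]: Failed password for root from 10.0.2.2 port 51001 ssh2
Dec  9 10:28:40 DT03218IT sshd[2117]: Failed password for invalid user admin from 10.0.2.15 port 40412 ssh2
Dec  9 10:29:11 DT03218IT sshd[2130]: Accepted password for root from 10.0.2.2 port 51020 ssh2
Dec  9 10:31:05 DT03218IT sshd[2144]: Accepted password for sysadmin from 10.0.2.2 port 51033 ssh2
Dec  9 10:33:47 DT03218IT sshd[2160]: Failed password for invalid user admin from 10.0.2.15 port 40440 ssh2
Dec  9 10:33:52 DT03218IT sshd[2160]: Failed password for invalid user test from 10.0.2.15 port 40440 ssh2
EOF
}

# Fields are counted from the END of the line ("from IP port N ssh2"), so a
# user name chosen by the remote side cannot shift the source address column.

# Print "count source-ip" for each source of failed passwords, busiest first.
failed_by_source() {
    awk '/sshd\[[0-9]+\]: Failed password for / { n[$(NF-3)]++ }
         END { for (ip in n) print n[ip], ip }' "$@" | sort -k1,1nr -k2,2
}

# Print "user source-ip failures" when a password login was accepted after at
# least $1 failed passwords for the same account from the same source.
accepted_after_failures() {
    min=$1; shift
    awk -v min="$min" '
        /sshd\[[0-9]+\]: Failed password for /   { fail[$(NF-5) " " $(NF-3)]++ }
        /sshd\[[0-9]+\]: Accepted password for / {
            k = $(NF-5) " " $(NF-3)
            if (fail[k] >= min) print k, fail[k]
        }' "$@"
}

# Demonstration on the constructed sample.
sample_auth_log | failed_by_source
sample_auth_log | accepted_after_failures 2
```

Both functions read standard input when called without a file, or take the log path as an argument, for example `failed_by_source /var/log/secure` run as root.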
List of Ports in Networking :-
Port Number :- used to determine what protocol incoming traffic should be directed to.
- Well-known ports range from 0 through 1023.
- Registered ports range from 1024 through 49151.
- Dynamic ports (also called private ports) range from 49152 through 65535.
- TCP, which stands for “Transmission Control Protocol”, is a suite of communication protocols used to interconnect network devices on a local network or a public network like the internet. TCP is known as a “connection-oriented” protocol, as it ensures each data packet is delivered as requested.
- UDP, which stands for “User Datagram Protocol”, is part of the TCP/IP suite of protocols used for data transfer. UDP is known as a “connectionless” protocol, meaning it doesn’t acknowledge that the packets being sent have been received.
PROTOCOL (SERVICE NAME) | PORT NUMBERS | TRANSPORT PROTOCOLS | MEANING |
1. File Transfer Protocol (FTP) | 20 and 21 | TCP | It is a protocol that carries data and guarantees that the data will be delivered properly. |
2. Secure Shell (SSH) | 22 | TCP and UDP | It is a cryptographic network protocol used to secure data communication. |
3. Telnet | 23 | TCP | It is a remote management protocol used for managing network devices. |
4. Simple Mail Transfer Protocol (SMTP) | 25 | TCP | It is a communication protocol used to transmit email messages over the internet to the destination server. |
5. Domain Name System (DNS) | 53 | TCP and UDP | It is used to perform one simple task: converting IP addresses to domain names that everyone can easily understand. |
6. Trivial File Transfer Protocol (TFTP) | 69 | UDP | TFTP is typically used by devices, including Cisco devices, to upgrade software and firmware. |
7. Hyper Text Transfer Protocol (HTTP) | 80 | TCP | It is a protocol used to define how data is transmitted and formatted, and is also used by the WWW as a channel for communication. |
8. Dynamic Host Configuration Protocol (DHCP) | 67 and 68 | UDP | It is a kind of service used in the client and server model. |
9. Post Office Protocol 3 (POP3) | 110 | TCP | It is a protocol used by e-mail clients to retrieve e-mail from servers. |
10. Network News Transport Protocol (NNTP) | 119 | TCP | NNTP is an application protocol used for transporting USENET news articles between news servers and the end-user client. |
11. Network Time Protocol (NTP) | 123 | UDP | It is used for the synchronization of time between network devices in the network. |
12. NetBIOS | 135 and 139 | TCP and UDP | NetBIOS itself is not a protocol but is typically used in combination with IP with the NetBIOS over TCP/IP protocol. |
13. Simple Network Management Protocol (SNMP) | 161 and 162 | TCP and UDP | It has the ability to monitor, configure and control network devices. |
14. Lightweight Directory Access Protocol | 389 | TCP and UDP | LDAP provides a mechanism for accessing and maintaining distributed directory information. |
15. Transport Layer Security (TLS) | 443 | TCP | It is a protocol of a secured socket layer that uses asymmetric keys to transfer data over a network. |
16. Real-Time Transport Protocol (RTP) | 1023 to 65535 | UDP | It is used for delivering audio and video data over an IP network. |
17. Hyper Text Transfer Protocol Secure (HTTPS) | 443 | TCP | It renders authentication and encryption that provide secure communication with the use of the secure socket layer. |
18. Internet Message Access Protocol (IMAP4) | 143 | TCP and UDP | It is an application layer protocol and an internet standard for e-mail retrieval. |
19. Address Resolution Protocol (ARP) | 3389 | TCP | It is used to resolve the network layer address into the link address. |
20. Border Gateway Protocol (BGP) | 179 | TCP | It is used to maintain very large routing tables and traffic processing. |
21. Internet Relay Chat (IRC) | 194 | UDP | It is an application layer protocol that facilitates communication in the form of text. |
22. Session Initiation Protocol (SLP) |  | TCP and UDP | It is used to establish, modify, and terminate multimedia communication sessions such as VoIP. |
23. Session Description Protocol (SDP) |  | TCP | It describes the content of multimedia communication. |
24. Remote Desktop Protocol (RDP) | 3389 | TCP | It provides a user with a graphical interface to connect to another computer over a network connection. |
25. Server Message Block (SMB) |  | TCP | It is an application layer protocol that helps in accessing network resources, such as shared files and printers. |
26. Secure File Transfer Protocol (SFTP) | 22 | TCP and UDP | It uses the SSH protocol to access and transfer files over the network. |
27. Internet Group Management Protocol (IGMP) | 2 | TCP | It is a communication protocol used by hosts and adjacent routers on IPv4 networks to establish multicast group membership. |
28. Route Access Protocol (RAP) | 38 | TCP |  |
29. Resource Location Protocol (RLP) | 39 | TCP | It is used for determining the location of higher-level services from hosts on a network. |
30. Host Name Server Protocol (HNSP) | 42 | TCP |  |
31. Internet Control Messages Protocol (ICMP) | 1 | PING | It is used by the ping utility to check the reachability of a device in a network. |
32. Remote Directory Access Protocol (RDAS) |  | TCP | It is used to retrieve information about domain names from a central registry. |
33. Lightweight Presentation Protocol (LPP) |  | TCP and UDP | It describes an approach for providing streamlined support of OSI application services on top of TCP/IP-based networks for some constrained environments. |
34. Remote Procedure Call Protocol (RPC) |  | TCP and UDP | It is a protocol for requesting a service from a program located in a remote computer through a network. |
35. Network Address Translation (NAT) | 3022 | TCP and UDP | It is the method by which IP addresses are mapped from one group to another, transparent to end users. |
36. Microsoft Active Directory Protocol (MADP) | 445 | TCP | It is used by Microsoft server operating systems for client/server access and file and printer sharing. |
37. Calendar Access Protocol (CAP) | 1026 | TCP | It is used by Novell GroupWise for its calendar access protocol and is also used by Windows Task Scheduler. |
38. Layer Two Tunneling Protocol (L2TP) | 1701 | TCP | It is used to connect two private business networks together over an internet connection to create a virtual network. |
39. Point To Point Tunneling Protocol (PPTP) | 1732 | TCP | A tunneling and encryption standard used to connect two private business networks together over an internet connection to create a virtual network. |
40. Remote Procedure Call (RPC) | 135 | TCP | It holds information regarding which ports and IP addresses the services are currently running on. |