OpenBSD Journal

Securing Small Networks with OpenBSD, Part 5

Contributed by Dengue on from the onlamp.com dept.

Jacek Artymiak writes:
"Securing Small Networks with OpenBSD, Part 5 is up on ONLamp.com's BSD DevCenter (part of O'Reilly Network). Enjoy!"



Comments
  1. By Paul Bunyan () on

    Nice article, but a little explanation on how to view old logs would be wonderful. I guess I gunzip one of the older files to /tmp and then use tcpdump to read it. Is that the best way?

    Every so often I want to go back further with last to see login activity, but I don't remember being successful. Of course, I'm writing this on the spur of the moment, and if I really wanted to know I would "HAVE READ THE MANUAL, SEARCHED THE ARCHIVES, YADA YADA" so save the electrons.....

    Keep the articles coming!

    Comments
    1. By Anonymous Coward () on

      "gunzip -c pflog.0.gz | tcpdump -r -" is probably the easiest way.

      Comments
      1. By RC () on

        "gzcat pflog.0.gz | tcpdump -r -" will save a couple of keystrokes, AND its best feature is that you never forget the "-c" or "<" that is needed with gunzip. I've made that mistake a number of times before I used gzcat exclusively. (bzcat as well)

    2. By Anonymous Coward () on

      pflog:    gzcat pflog.0.gz | tcpdump -r -
      authlog:  gzcat authlog.0.gz
      maillog:  gzcat maillog.0.gz
      daemon:   gzcat daemon.0.gz
      messages: gzcat messages.0.gz
      secure:   gzcat secure.0.gz

      but what do you do with wtmp?
      gzcat wtmp.0.gz | last -f - fails under ksh

      Comments
      1. By Gioffreus () on

        wtmp? Well, `last -f -' doesn't work because '-f' wants a real file... replace '-f -' with '-f file'.

        It calls for a temporary file. `gzcat wtmp.0.gz >file ; last -f file | less ; rm file' will do the job. I have to admit though that it would be nice if you could do it with '-f -' like you can with so many other programs...
        cheers =)
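
The commands from the thread above, collected into one helper. This is an added example, not code posted by any commenter; the function names `log_kind`, `decompress` and `readlog` are made up for illustration, `gzip -dc` stands in for `gzcat`, and the wtmp case uses `mktemp` so the login records land in a private, unpredictably named file instead of a fixed name in the current directory.

```shell
#!/bin/sh
# Added example: read a rotated (optionally gzip-compressed) log with the right tool.

# Classify a rotated log by its base name (pflog.0.gz, wtmp.3.gz, authlog.0.gz, ...).
log_kind() {
    case "$(basename "$1")" in
        pflog*) echo pcap ;;   # pf log, stored in pcap format: needs tcpdump
        wtmp*)  echo wtmp ;;   # binary login records: needs last(1)
        *)      echo text ;;   # authlog, maillog, daemon, messages, secure
    esac
}

# Write the log to stdout, decompressing only if the name ends in .gz.
decompress() {
    case "$1" in
        *.gz) gzip -dc -- "$1" ;;
        *)    cat -- "$1" ;;
    esac
}

readlog() {
    [ -r "$1" ] || { echo "readlog: cannot read $1" >&2; return 1; }
    case "$(log_kind "$1")" in
        pcap)
            # "-r -" reads the capture from stdin; -n skips DNS lookups.
            decompress "$1" | tcpdump -n -r -
            ;;
        wtmp)
            # last -f wants a real file, so unpack into a mktemp file
            # (created mode 0600) and remove it afterwards.
            tmp=$(mktemp "${TMPDIR:-/tmp}/wtmp.XXXXXXXXXX") || return 1
            decompress "$1" > "$tmp" && last -f "$tmp"
            rc=$?
            rm -f -- "$tmp"
            return "$rc"
            ;;
        text)
            decompress "$1"
            ;;
    esac
}
```

Source the file and run, for example, `readlog /var/log/wtmp.0.gz | less`.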

Credits

Copyright © - Daniel Hartmeier. All rights reserved. Articles and comments are copyright their respective authors, submission implies license to publish on this web site. Contents of the archive prior to as well as images and HTML templates were copied from the fabulous original deadly.org with Jose's and Jim's kind permission. This journal runs as CGI with httpd(8) on OpenBSD, the source code is BSD licensed. undeadly \Un*dead"ly\, a. Not subject to death; immortal. [Obs.]