Linux commands to view and find security events

Сollection of commands for auditing linux systems w who whoami last -f /var/log/btmp lastb /var/log/btmp — failed login attempts. /var/run/utmp — current login sessions /var/log/wtmp — list of all login sessions. id uname -a pwd ps -aux pstree ls -ltr ls -lah | tee content ls -la lsof -i cat /proc/self/environ netstat -nvp netstat -anp… Continue reading Linux commands to view and find security events