User commands and logs
All these logs and commands are a lot to learn. Fortunately, much of the information they offer is easy to read and understand.
In many cases, too, you only need one or two of these information sources in any given context. For example, if you suspect that an account password has been compromised, probably all you need to do is examine
lastlog for login attempts at a time when the legitimate user was away from the keyboard. Similarly, a corporate administrator might want to use
w to see whether the processes a user is running during office hours include PySol and Battle of Wesnoth.
In other words, it's all about choosing the right tool for the job at hand. Familiarize yourself with these logs and tools in a general way, and you will generally be able to know which tool you should use in any particular circumstance.
Buy this article as PDF
Azure CTO says Redmond has already considered the unthinkable.
Lead developer quells rumors that the Debian version is slated for center stage.
MSBuild is now just another GitHub project as Redmond continues its path to the light.
Malware could pass data and commands between disconnected computers without leaving a trace on the network.
New rules emphasize collegiality in coding.
Upstart lands in the dust bin as a new era begins for Linux.
HP's annual Cyber Risk report offers a bleak look at the state of IT.
But what do the big numbers really mean?
.NET Core execution engine is the basis for cross-platform .NET implementations.
The Xnote trojan hides itself on the target system and will launch a variety of attacks on command.