User commands and logs
All these logs and commands are a lot to learn. Fortunately, much of the information they offer is easy to read and understand.
In many cases, too, you only need one or two of these information sources in any given context. For example, if you suspect that an account password has been compromised, probably all you need to do is examine
lastlog for login attempts at a time when the legitimate user was away from the keyboard. Similarly, a corporate administrator might want to use
w to see whether the processes a user is running during office hours include PySol and Battle of Wesnoth.
In other words, it's all about choosing the right tool for the job at hand. Familiarize yourself with these logs and tools in a general way, and you will generally be able to know which tool you should use in any particular circumstance.
Buy this article as PDF
Kernel king admits his tone has alienated volunteers, but says the demands of the process require directness.
New flaw in an old encryption scheme leaves the experts scrambling to disable SSL 3
Lennart Poettering wants to change the way Linux developers talk to each other.
Enterprise giant frees itself from ink and home PCs (and visa versa).
Mozilla’s product think tank sinks silently into history.
TODO group will focus on open source tools in large-scale environments.
New tool will look like GParted but support a wider range of storage technologies.
New public key pinning feature will help prevent man-in-the-middle attacks.
Carnegie Mellon researchers say 3 million pages could fall down the phishing hole in the next year.
The US government rolls new best-practice rules for protecting SSH.