208Part IIRunning the Showto (Unable to start debugging on the web server) grant universal access to
208Part IIRunning the Showto grant universal access to a particular service may be easier than typing in a longlist of subnets or domains, but better a few minutes spent on proper security mea- sures than many hours recovering from a break-in. You can further restrict access to services by using various options within the /etc/ xinetd.conffile, even to the point of limiting access to certain services to spe- cific times of the day. Read the manual page for xinetd (by typing man xinetdat acommand prompt) to learn more about these options. Detecting Intrusions from Log FilesIf you make use of good firewalling practices as described in Chapter 17, you will bewell prepared to mitigate and prevent most cracker attacks. If your firewall shouldfail to stop an intrusion, you must be able to recognize the attack when it is occur- ring. Understanding the various (and numerous) log files in which Linux recordsimportant events is critical to this goal. The log files for your Linux system can befound in the /var/logdirectory. Most Linux systems make use of log-viewing tools, either provided with the desktopenvironment (such as GNOME) or as a command you can execute from a terminalwindow. Fedora Core and Red Hat Enterprise Linux come with a System Logs window(system-logviewercommand) that you can use to view and search critical systemlog files from the GUI. To open the System Logs window in Fedora, from the maindesktop menu, select System Tools.System Logs. Figure 6-1 shows an example ofthe System Logs window. Figure 6-1:Display system log files in the System Logs window. Tip12_