Your Cart is Empty Reseller Login or Sign up FAQ Search

How to set up root breach detection

Even the most secured dedicated servers may eventually become vulnerable to the ever-increasing number of hacker attacks around the Internet. What ResellersPanel.com can offer you is a way to receive a notification via email every time someone logs in to your server with the administrative root password. You will need to log in to the server via SSH. Start your preferred text editor and open the following file (we will use 'nano'):

nano /root/.bash_profile

There you will find the configuration settings of your bash profile. Add the following at the end of the file (replacing your@email.com with your email address) :

echo 'ALERT! Root Shell Access on:' `uname -n` `date` `who` | mail -s "Alert: Root Access from `who | awk '{print $6}'`" your@email.com

In addition, please place the following information in your /etc/motd file:

ALERT! You are entering a secured area! Your IP and login information have been recorded. System administration has been notified. This system is restricted to authorized access only. All activities on this system are recorded and logged. Unauthorized access will be fully investigated and reported to the appropriate law enforcement authorities.

Please be advised that the above configuration will always send a notification, even when you are logging in from your home computer, so you need to make sure to differentiate unknown IP addresses from your own.

« Back to menu