You can take a more proactive approach to system security by monitoring the system access and keeping logs on activity conducted to detect security problems and ensure that only authorized users have access.
This is called network auditing. Many utilities are now available to system administrators that detect intruders and perform additional system and network monitoring functions. When selecting network auditing
software, activity logs should be examined for the following:
- Attempts at unauthorized access (failed logins)
- File access attempts and denials
- Attempts to change the permissions settings on a file
- Attempts to change the log
The figure below shows a partial log file.
In the next lesson, you will learn how user and server authentication is used to provide network security.