From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <jnorton@nortcom.com>
Received: from
 notron.nortcom.com(ts-3-16.Dalton.VoyagerOnline.net[209.42.135.135]) (1065
 bytes) by braille.uwo.ca
	via smail with P:esmtp/D:aliases/T:pipe
	(sender: <jnorton@nortcom.com>)
	id <m13q2ue-0013u0C@braille.uwo.ca>
	for <speakup@speech.braille.uwo.ca>; Sun, 29 Oct 2000 19:34:56 -0500 (EST)
	(Smail-3.2.0.102 1998-Aug-2 #2 built 1999-Sep-5)
Received: from localhost (jnorton@localhost)
	by notron.nortcom.com (8.10.2/8.10.2) with ESMTP id e9U0YwE00300
	for <speakup@speech.braille.uwo.ca>; Sun, 29 Oct 2000 19:34:58 -0500
Date: Sun, 29 Oct 2000 19:34:58 -0500 (EST)
From: Joseph Norton <jnorton@nortcom.com>
To: SPEAKUP Distribution List <speakup@speech.braille.uwo.ca>
Subject: security
Message-ID: <Pine.LNX.4.21.0010291932130.281-100000@notron.nortcom.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
List-Id: <speakup.linux-speakup.org>

All this talk about security brings up an interesting question.  Are there
things one can look for to tell his system is being hacked or that
attempts are being made.  I have looked in /var/log/messages and
/var/log/syslog, but, I'm really not sure what to look for.  I remember
seeing the word "victim" somewhere in a cert advisory (I think), but, I
assume if I see this word, my system has definitely been compromised.