Member-only story

Insufficient Logging and Monitoring

Security Lit Limited
InfoSec Write-ups
Published in
6 min readSep 9, 2022
Goran Ivos on Unsplash

Introduction

There was a problem with a server while you were trying to figure out how to fix it. It could be because you used the wrong command, or there could be other reasons. So to figure out what went wrong, you usually run the history command, which will show you all the commands that have been run in the command line. After that, it's easy to figure out which command caused this, or if it wasn't a command, what kind of outside factors made the system reboot. The Linux logs all the commands being executed on the terminal, and once you run the history command, it shows the results from the logs themselves.

So by this example, you can easily understand how important logging is.

Source

Suppose you purchased from XYZ's official website. The transaction wasn't successful, but your money got deducted from your bank account. You have now submitted a support ticket regarding the refund for which no order has been placed. Is there a way for XYZ to check that what you are saying is true? Yes, there is. Every transaction and every request you make to XYZ's web server, or any other company's server for that matter, is logged in a log file. The bank and the website XYZ…

Create an account to read the full story.

The author made this story available to Medium members only.
If you’re new to Medium, create a new account to read this story on us.

Or, continue in mobile web

Already have an account? Sign in

Published in InfoSec Write-ups

A collection of write-ups from the best hackers in the world on topics ranging from bug bounties and CTFs to vulnhub machines, hardware challenges and real life encounters. Subscribe to our weekly newsletter for the coolest infosec updates: https://weekly.infosecwriteups.com/

No responses yet

What are your thoughts?