Skip to main content

Unauthorized access over FTP

ctlee15
Greetings, We had an authorized access over FTP during the month of October. We would like to identify from which IP address(es) the unauthorized access occurred. There is a file in the archived raw logs called 'ftp.xyzcompany.com-ftp_log-Oct-2015.gz'. Can this log be used to identify the IP address from which the unauthorized access occured? Also, would you recommend that I check the following files: -cPanel access logs (The access log in /usr/local/cpanel/logs/), and -domains apache domlogs (/usr/local/apache/domlogs/domain.com) Thank you in advance for your time.

Comments

1 comment

Date Votes
  • cPanelMichael
    Hello :) FTP activity is logged to: /var/log/messages Could you elaborate on what leads you to suspect access from an unauthorized IP address? Thank you.
    0

Please sign in to leave a comment.

Didn't find what you were looking for?

New post