Checking the security state of the system starts with routine examination of the log files, where these are usually found in /usr/adm or /var/logs. Access permission bits are used in the prior to separately indicate permissions for the file owners to read, write and execute the file contents. An additional access control bit is added to each executable file, where access to clear text passwords that many UNIX services transfer passwords are transmitted in clear text, a standard part of the attackers Toolkit.