Re: secure UNIX log server
From: Trueblood (trueblood@lonegunmen.org)Date: 05/29/02
- Next message: Walter Dnes: "Re: IP address <--> Global Positioning System (GPS)"
- Previous message: Richard L. Hamilton: "Re: secure UNIX log server"
- In reply to: fanny: "secure UNIX log server"
- Next in thread: Bernd Eckenfels: "Re: secure UNIX log server"
- Reply: Bernd Eckenfels: "Re: secure UNIX log server"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Trueblood" <trueblood@lonegunmen.org> Date: Tue, 28 May 2002 20:12:54 -0600
One possibility would be to take away root from the admins, but give them
sudo access. The good news about this is with sudo, every command can be
logged. That way, they can do whatever they need to do, but if something
happens you'll have a better audit log.
"fanny" <fannysaunders@yahoo.com> wrote in message
news:a969f45a.0205280957.2455e3c9@posting.google.com...
> I am defining policy and procedures for my company to collect, store
> and review UNIX logs. We are storing them a seperate UNIX "log
> server" and locally on servers. The log server is physcially secured
> and limited in who can log in but I am still concerned that the logs
> could be erased by someone who compromised the root account or by a
> UNIX administrators authorized to use the root acount.
-----= Posted via Newsfeeds.Com, Uncensored Usenet News =-----
http://www.newsfeeds.com - The #1 Newsgroup Service in the World!
-----== Over 80,000 Newsgroups - 16 Different Servers! =-----
- Next message: Walter Dnes: "Re: IP address <--> Global Positioning System (GPS)"
- Previous message: Richard L. Hamilton: "Re: secure UNIX log server"
- In reply to: fanny: "secure UNIX log server"
- Next in thread: Bernd Eckenfels: "Re: secure UNIX log server"
- Reply: Bernd Eckenfels: "Re: secure UNIX log server"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
