[ale] Need an method of recording command line operations for auditing purposes
Jim Kinney
jim.kinney at gmail.com
Wed Jun 16 11:10:42 EDT 2010
http://sourceforge.net/projects/rootsh/
and from a co-worker
http://etbe.coker.com.au/2010/06/11/logging-shell-commands/
has some slick ideas
I've used rootsh before. With additional hardening like the log file area
for rootsh being append only filesystem and the chattr being locked up with
selinux it make a pretty solid logging system
On Wed, Jun 16, 2010 at 10:50 AM, James Taylor <
James.Taylor at eastcobbgroup.com> wrote:
> Is there a good method for auditing command line operations, similar to
> bash_history that is not accessible to the user? bash_hisory is functional,
> but can be edited or deleted by the user.
> Something that is included with a SLES distribution is highly desirable,
> but if there are some good options, one of them may already be there.
> I've had one suggestion for snoopy, but I don't think it's included with
> SLES.
> Thanks,
> -jt
>
>
>
> James Taylor
> The East Cobb Group, Inc.
> 678-697-9420
> james.taylor at eastcobbgroup.com
> http://www.eastcobbgroup.com
>
>
>
>
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo
>
--
--
James P. Kinney III
Actively in pursuit of Life, Liberty and Happiness
Doing pretty well on all 3 pursuits
Faith is a cop-out. If the only way you can accept an assertion is by
faith, then you are conceding that it can’t be taken on its own merits.
Dan Barker, "Losing Faith in Faith", 1992
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.ale.org/pipermail/ale/attachments/20100616/4dc0456b/attachment.html
More information about the Ale
mailing list