[Sunhelp] logging logins on Solaris 7
Will Lowe
lowe at asel.udel.edu
Tue Jan 11 11:49:44 CST 2000
> I myself like making use of bsmconv (man bsmconv) and auditd (man -s
> 1M auditd and man -s 4 audit_control. These are GREAT for not only
> logins/outs, but playing big brother as well. I reccommend it to
> everybody that's concerned with system security.
Great. Is there any decent way to do centralized logging so that the logs
can all be analyzed on one host? There are two primary reasons for this:
1) less administrative stuff; I can generate reports for an entire subnet
easily if I can get them all to log to one place
2) anybody who hacks into my system is going to edit /var/audit/*. If the
logs are kept on a remote (hopefully, more secure) server, they'll have
more trouble covering their tracks.
thanks,
Will
--------------------------------------------------------------------------
| harpo at udel.edu lowe at cis.udel.edu lowe at debian.org lowe at asel.udel.edu |
| http://www.cis.udel.edu/~lowe/ |
| PGP Public Key: http://www.cis.udel.edu/~lowe/index.html#pgpkey |
--------------------------------------------------------------------------
More information about the SunHELP
mailing list