whats in your /etc/security/ files ? (AUDIT subsystem)
Mike Tancsa
mike at sentex.net
Wed Dec 23 19:27:34 UTC 2009
I am looking at getting more out of the FreeBSD AUDIT system and was
wondering if anyone has feedback beyond what is in the handbook or
links to other resources on this topic.
http://bsdmag.org/ had a nice intro article and
http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/audit.html
is actually pretty complete. But I was looking for additional
feedback from folks using it on their servers in production.
What do you find useful to log on large multi user systems ? What
about boxes with limited access to just administrators ? Log everything?
How do you manage your audit logs to ensure integrity ? Do you run
at a higher secure level and make the file flags uappnd ? Write them
to an nfs mount on a separate and separately secured system ?
---Mike
--------------------------------------------------------------------
Mike Tancsa, tel +1 519 651 3400
Sentex Communications, mike at sentex.net
Providing Internet since 1994 www.sentex.net
Cambridge, Ontario Canada www.sentex.net/mike
More information about the freebsd-questions
mailing list