Re[2]: Audit trails

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: Swee-Chuan Khoo: "RE: Signs of an Intruder"
• Previous message: Tracy R. Reed: "Re: searching logs for key phrases"

>> Actually, AIX has quite good auditing features for Unix.  It can include 
>> quite a bit of detail, including what commands a particular user is 
using 
>> and at what time.  Almost noone uses the entire auditing features 
because
>> it gives too much information and can slow the system response time 
noticably.

>True, but if you're trying to watch particular users or areas of the system for
>suspicious activity, such as a hacker, then these sorts of audit trails are 
>just what the doctor ordered.  For the benefit of those of us without access to
>AIX, could you give us a brief description of the sorts of auditing that is 
>available?

Try looking at http://beaver.fu-q.com/nomad/faqs/aix which covers most of the 
basics.

• Next message: Swee-Chuan Khoo: "RE: Signs of an Intruder"
• Previous message: Tracy R. Reed: "Re: searching logs for key phrases"