- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- Logging of all user activities
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-25-2000 01:56 AM
тАО10-25-2000 01:56 AM
Logging of all user activities
- be easy to check logs
- be easy to configure / maintain
- not be obvious to the user ( root )
In our environment, the user is not allowed to login as root directly, a group of admin users has the privilege to su to root. Login is done either with ssh or cde, no telnet, no r-commands.
Currently we have implemented a solution which has a .sh_history file for every user ( which becomes root ), but this is not accepted by the security audit dept due to the weakness that every user can easily modify his own sh_history file.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-25-2000 02:00 AM
тАО10-25-2000 02:00 AM
Re: Logging of all user activities
to log ALL I/O you could add the command:
exec script
into the $HOME/.profile to save this informations.
Regards
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-25-2000 02:05 AM
тАО10-25-2000 02:05 AM
Re: Logging of all user activities
While 'script' (see man pages) doesn't meet all your criteria, it may be a start or at least a piece for you.
...JRF...
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-25-2000 02:23 AM
тАО10-25-2000 02:23 AM
Re: Logging of all user activities
Switch on audting. Only secure detailed way to monitor all activities.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-25-2000 06:51 AM
тАО10-25-2000 06:51 AM
Re: Logging of all user activities
Auditing will give you good information, as will having sessions script-ed, but both of these solutions create files which a rot user can modify. I know of at least one 3rd party security solution which interposes itself between the kernel and the shell and can be used to restrict the permissions of even the root user, but I do not recommend it for use in a csae like this.
Frankly, if you cannot trust the users you give root authority to, then you have deeper problems.
Perhaps you should examine sudo. It allows you to give access only to specific commands with root authority, and automatically logs all such activity.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-25-2000 07:53 AM
тАО10-25-2000 07:53 AM
Re: Logging of all user activities
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-26-2000 03:03 AM
тАО10-26-2000 03:03 AM
Re: Logging of all user activities
The only way to do this kind of thing is to use a MLS version of UNIX, I beleive trusted system mode implments this, in this scenario you have permissions applied to system calls in the kernel, you have one user who is root and the hold all the cards apart from the right to assign kernel permisisons and alter the audit information, the other user (formerly known as your security officer), can assign kernel level priveledge and alter the audit information.
Hope this helps.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-26-2000 03:32 AM
тАО10-26-2000 03:32 AM
Re: Logging of all user activities
Do these admin users have free roam of the system or do they just do specific tasks.
If the later then sudo or restricted sam can keep them under control.