- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- Script to find out who is moving files into produc...
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-12-2003 11:29 AM
тАО11-12-2003 11:29 AM
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-12-2003 11:43 AM
тАО11-12-2003 11:43 AM
Re: Script to find out who is moving files into production?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-12-2003 11:44 AM
тАО11-12-2003 11:44 AM
Re: Script to find out who is moving files into production?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-12-2003 12:30 PM
тАО11-12-2003 12:30 PM
Re: Script to find out who is moving files into production?
Its a great tool, I recommend it, but not for this application. Unless these folks are overwriting root access configuraiton files. Which means root password security is an issue.
You might want to harden your system with Bastille.
http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B6849AA
Thus far I've skillfully avoided actually answering your question.
Because users are coming in via a vpn, there may not be enough data on the hp system to figure out who did what.
inetd -l
Enhances logging of all internet connections including ftp and secure shell.
Start analyzing the /var/adm/syslog/syslog.log file for the transactions you care about.
Run them agains the vpn log if you are getting the vpn ip address in syslog.log
When you see an important file has changed, you should be able to match its time stamp against syslog and trace it back to the offender.
Thats the best I can think of so far.
SEP
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-12-2003 05:09 PM
тАО11-12-2003 05:09 PM
Re: Script to find out who is moving files into production?
It's not great but it's a thought.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-13-2003 02:47 AM
тАО11-13-2003 02:47 AM
Re: Script to find out who is moving files into production?
Second, develop a script-
1) To copy from the programmers workbench to production. You could use "sudo" to give the script permissions to do the actual copy.
2) To make a backup of the original prior to copying.
3) To track who copied what when.
You may want to look into some type of change control system (RCS or PVCS) so the programmers have to "check-out" a programmer before changins (so 2 programmers don't try to change the same program at the same time).
HTH
-- Rod Hills
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-13-2003 02:48 AM
тАО11-13-2003 02:48 AM
Re: Script to find out who is moving files into production?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-13-2003 03:04 AM
тАО11-13-2003 03:04 AM
Re: Script to find out who is moving files into production?
Thats just it. They need write permisions when they log into the application. The application then does security. These programs are owned by the Database and everyone is part of the group staff. so I can't take these permissions away. We are already trying to do your 3 steps, but are having trouble with step 3. because because people copy the program over with a -pf so the owner still the database user. So what do we use in the script which will show who actually moved the program into production?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-13-2003 04:16 AM
тАО11-13-2003 04:16 AM
Re: Script to find out who is moving files into production?
The Bastille looks like a possible answer. But after reading up on it, we are not running popular products, and there are warnings to use extreme caution because very few products have be tested. I do not have a seperate test server to try.I will start to analyze my syslog.log closer to match times.
We have a script ready to run daily that will show us what program files were touched, to at least know when they are changed. I will then have to do some detective work to find out who-did-it. Maybe after catching a few culprits they will begin to follow the procedure to notify me. I can then ask any departments who mya possibly be effective; to notify and verify that it has been tested in the test environment.
In the past places I have worked in there were few programmers with such privilages. But here we have in house programmers and out side consultants fixing and changing things. I hope to some how get some control.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-13-2003 04:30 AM
тАО11-13-2003 04:30 AM
Re: Script to find out who is moving files into production?
Your idea to add something in the .profile is very interesting. It may work as long as at the end of the day command is still in the history. I am still unsure exactly how to set up, but I will see what I can find.