Sumary: Security

From: Khoi Ngo (Khoi.Ngo@thomson.com.au)
Date: Sun Nov 07 1999 - 16:58:25 CST


Thanks Chad Price [cprice@molbio.unmc.edu],
        Christian Pinheiro [pinheiro@veritel.com.br],
        Tom_Cowan@pcworld.com,
        John Weekley [weekleyj@inlink.com],
        Chris Cariffe [chriss@well.com],
        Jay Lessert [jayl@latticesemi.com].

The adives are using BSM, bsmconv, which is system audit. It can track down
what station has done the wrong things to the files and directories. However
the system will log all activities as set and disk space will substantially
grow.

Other references are: auditd, praudit....

Thanks
Khoi

-----Original Message-----
From: Khoi Ngo [mailto:Khoi.Ngo@thomson.com.au]
Sent: Thursday, 4 November 1999 9:45:AM
To: Sun-Managers
Subject: Security

Hello Sun Managers,

I have a UNIX network that consists of a number of Ultra SPARCstatations and
one SUN Server. We aren't using any naming services, just flat name. All the
Sparc are using the same passwd file as the server. The server serves as
the file server to other SPARC. There is just one login for entire network.
The problem is users accidently or with purpose delete any files or
directories. We want to track down which workstation has done the wrong
things.

Are there any tools or utilities that can audit these actions?

Thanks
Khoi
=====================================================================
WARNING -This e-mail, including any attachments, is for the
personal use of the recipient(s) only.
Republication and re-dissemination, including posting to news
groups or web pages, is strictly prohibited without the express
prior consent of
Thomson Legal & Regulatory Group Asia Pacific Ltd
ACN 058 914 668
=====================================================================
=====================================================================
WARNING -This e-mail, including any attachments, is for the
personal use of the recipient(s) only.
Republication and re-dissemination, including posting to news
groups or web pages, is strictly prohibited without the express
prior consent of
Thomson Legal & Regulatory Group Asia Pacific Ltd
ACN 058 914 668
=====================================================================



This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:13:31 CDT