Security Basics mailing list archives
Re: User account auditing
From: H Carvey <keydet89 () yahoo com>
Date: 19 Apr 2005 10:17:49 -0000
In-Reply-To: <20050418192823.11627.qmail () web13824 mail yahoo com>
With multiple platforms like Windows, Linux, As400, Unix etc. How do you manage and verify accounts on these systems ?
On Windows, I understand "manage", but what do you mean by "verify"?
Do you have all admins send a monthly report on the accounts present, last time account was utilized etc. ?
When I was in an FTE position, I had a script that would access the domain controller and get all of the last login times. I'd then break it down by 30, 60, and 90 days...with certain steps forwarded to the sysadmins based on the increment.
This would also have to be done for database like Oracle, SQL, SYBASE...
Sure. I don't really see where that's a problem. I think the biggest issue is going to be the requirements development...what is it that you're trying to do? H. Carvey "Windows Forensics and Incident Recovery" http://www.windows-ir.com http://windowsir.blogspot.com
Current thread:
- User account auditing John Madden (Apr 18)
- <Possible follow-ups>
- Re: User account auditing H Carvey (Apr 19)
- RE: User account auditing Andrew Shore (Apr 19)
- Re: User account auditing John Blackley (Apr 19)