Security Basics mailing list archives
Re: Monitoring the change of password in Unix
From: ArcSighter Elite <arcsighter () gmail com>
Date: Mon, 26 Jan 2009 10:53:19 -0500
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Gustavo Castro wrote:
Wilson: You may want to monitor the /etc/passwd file, not the use of the "command" passwd... Use tripwire, or something like it. 2009/1/21 <wilson () email chop edu>:Is there a way in Unix, without extra software, to monitor the use of the "passwrd" command to reset the password? Perferably something that sent the event to Syslog.
I agree. Use some HIDS-like software such as tripwire or aide. You could also get the benefits of enabling accounting services, and hardening PAM a little more. Sincerely. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iEYEARECAAYFAkl93GYACgkQH+KgkfcIQ8fFyQCff8JpaPySHGFP8ThOFGzyBVMj VGQAoJT9DYTX44gTH6fl7HCHfqxt4kOc =Hq5H -----END PGP SIGNATURE-----
Current thread:
- Monitoring the change of password in Unix wilson (Jan 21)
- Re: Monitoring the change of password in Unix Klaus Zing (Jan 21)
- Message not available
- Re: Monitoring the change of password in Unix Tom Ritter (Jan 21)
- Re: Monitoring the change of password in Unix Gustavo Castro (Jan 21)
- Re: Monitoring the change of password in Unix ArcSighter Elite (Jan 27)
- Re: Monitoring the change of password in Unix Gustavo Castro (Jan 21)
- Re: Monitoring the change of password in Unix Preston Connors (Jan 21)
- Re: Monitoring the change of password in Unix Eitan Adler (Jan 21)
- Re: Monitoring the change of password in Unix Giuseppe Fuggiano (Jan 21)
- RE: Monitoring the change of password in Unix Jason Mitchell (Jan 21)
- Re: Monitoring the change of password in Unix asai ajith (Jan 23)