Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Basic Security for RedHat

From: "Nardis, Frank" <nardis () TrendCS com>
Date: Thu, 9 Dec 2004 16:42:51 -0500 
I'm guessing that given the fact that you state there are 3 admins your
server, what you are really looking for is everyone that su's to root.

If that is the case, make sure that you can no telnet or ssh to the box as
root directly.  When you or your other admins su to root, an authentication
entry is placed in /var/log/messages similar to the one below

Dec  9 16:33:29 servername PAM_pwdb[25551]: (su) session opened for user
root by smith(uid=504)

-which provides accountability.  Of course if all three have console access
to the physical box that idea goes out the window.

If you need to more protective about the data on the box - Tripwire!

Frank


-----Original Message-----
From: Kalpin Erlangga Silaen [mailto:kalpin () solonet co id] 
Sent: Tuesday, December 07, 2004 8:33 PM
To: security-basics () lists securityfocus com
Subject: Basic Security for RedHat

Dear all,

I am using RedHat 9.0 and there is 3 admin in my server. I am looking 
for some tools which will send email to me while some admin adduser or 
change user's password. Also I am looking for some tutorials how to 
limits user's resources in RedHat and some security basics.

Any help will be appreciate.

---
Kalpin Erlangga Silaen
mailto: kalpin () solonet co id
URL: http://www.warningnews.com
YM: kalpinus
MSN: kalpinus
IRC: mesra.dal.net nick Kalpin
Previous By Date Next
Previous By Thread Next

Current thread: