PaulDotCom mailing list archives

Previous By Date Next
Previous By Thread Next

Re: A logging root shell

From: Owen Connolly <ojconnolly () gmail com>
Date: Mon, 21 Nov 2011 23:32:55 +0000
Hi Nils,

Quest support and maintain sudo and in their commercial version have the ability to log the key strokes of anyone using 
privileged commands through sudo.  It also has a centralized policy manager. 

Alternatively, you could look at cyber-ark or Quest TPAM to do session management and recording.

Cheers,


Ojc

~~~~~~~~~~~~~~~~~~~~~~~~
Owen Connolly
Ph: +353 86 3807884
http://www.vacta.co.uk
~~~~~~~~~~~~~~~~~~~~~~~~

On 21 Nov 2011, at 16:03, "Nils" <nils () hemmann de> wrote:


Hi guys,
I´m looking into solutions to comply with PCI DSS requirement 10.2.2:  (Logging: All actions taken by any individual 
with root or administrative privileges)  especially on Linux systems.
Therefore I´ve checked for ways to provide a shell which is logging all actions taken.
I stumbled upon stuff like:
mkfifo myfifo; logger -f myfifo & script -f myfifo
rootsh
sudoshell (ss)

What are your experiences in this realm?
Best solution would be something done with on-board means or a provided package of the Linux distribution, in this 
case Debian.


Thanks!
Nils
_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com

_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com
Previous By Date Next
Previous By Thread Next

Current thread: