Re: Linux equivalent of Solaris BSM?

Tue, 25 Mar 2003 13:20:54 -0800

Thanks, but no that doesn't quite do it. Tripwire only flags you that a certain file has been changed, but it doesn't give you a username who changed it, when they changed it, from what IP address were they coming from, etc, etc, things that good auditing will tell you.

Paul

Dylan Baxter wrote:

http://www.tripwire.org/

I believe this is included in the RedHat packages as well.

'Hope this helps!

Dylan Baxter

----- Original Message -----
From: "Paul Greene" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, March 25, 2003 1:13 PM
Subject: Linux equivalent of Solaris BSM?

I posted something yesterday about logging in Linux, but I suspect such
a mundane question got drowned out by the busy thread on "Redhat Linux 9".

So, I'll ask again.

Is there a function within Linux, without having to resort to a third
party app, that can get the level of security auditing down to a very
granular level, equivalent to the BSM auditing in Solaris?

i.e. logging security policy changes, file deletions, etc

thanks

Paul





--
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list

Reply via email to