Re: Command history log for audit trail
My First Post ;) Check out vlogger by THC Check out basha at freshmeat.net I use basha here, nice and user selective. Both work with ssh too... --cg From: Mike Dornberger <[EMAIL PROTECTED]> To: debian-security@lists.debian.org Subject: Re: Command history log for audit trail Date: Fri, 16 Jun 2006 16:59:05 +0200 Hi, On Thu, Jun 15, 2006 at 01:08:37PM -0700, [EMAIL PROTECTED] wrote: > I need to set up an audit trail for all commands run on machines. I I'm no kernel expert, but can't processes be forked, too by calling some kernel functions directly (I mean not by using library functions)? I don't know if actual kernels have some kind of hook therefor. You may need to write a kernel module, if not. Maybe such module is part of modern intrusion detection systems. Greetings, Mike -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Command history log for audit trail
Hi, On Thu, Jun 15, 2006 at 01:08:37PM -0700, [EMAIL PROTECTED] wrote: > I need to set up an audit trail for all commands run on machines. I I'm no kernel expert, but can't processes be forked, too by calling some kernel functions directly (I mean not by using library functions)? I don't know if actual kernels have some kind of hook therefor. You may need to write a kernel module, if not. Maybe such module is part of modern intrusion detection systems. Greetings, Mike -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: [Secure-testing-team] Re: Bug#372721: http://www.debian.org/security/faq#testing wrong
Felipe Augusto van de Wiel (faw) wrote: >A: Security updates will migrate into the testing >distribution via unstable. They are usually uploaded with >their priority set to high, which will reduce the quarantine time >to two days. After this period, the packages will migrate into >testing automatically, given that they are built for all >architectures and their dependencies are fulfilled in testing. > >The [1]testing security team also makes security fixes available in >their repository when the normal migration process is not fast enough. > > > This topic also changes. As I understood it, we should replace > with something like: "testing gets security updates in the same way that > stable does", is that correct? No. While the technical infrastructure may be in place, security support for testing is not up to par with stable due to a lack of manpower. It's still not recommendable to use it for a production system. Cheers, Moritz -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]