How to keep a detailed audit trail of what's being done on your Linux systems

Posted by nixcraft on Nov 14, 2006 9:43 AM EDT
nixcraft; By nixcraft 		Mail this story
Print this story

Intrusions can take place from both authorized and unauthorized users. My personal experience shows that unhappy user can damage the system, especially if they have a shell access. Some users are little smart and removes history file (such as ~/.bash_history) but you can monitor all user executed commands.

This article shows how to log user activity using process accounting. It allows you to view every command executed by a user including CPU and memory time. You can easily find out which commands used to take down your system with these utilities.

Full Story

  Nav
» Read more about: Story Type: Tutorial; Groups: Fedora, Gentoo, GNU, Linux, Red Hat, SUSE

« Return to the newswire homepage

This topic does not have any threads posted yet!

You cannot post until you login.