New to audit. Need help configuring audit to meet NISPOM req's
Fields, Randy (Space Technology)
Randy.Fields at ngc.com
Tue Feb 27 08:25:18 UTC 2007
Hello All,
I'm a linux administrator and computer security rep with a small NIS domain all running RHEL 4.4 ES on x86 platforms.
I'm looking for any help, scripts, or just copies of configuration files so that I can learn from your examples while studying the man pages.
Here are the list of items that I need to accomplish and I greatly appreciate any help that you can provide.
1) I need to configure a test box to meet NISPOM audit requirements. (any examples of /etc/auditd.conf and /etc/audit.rules would be great)
2) Then test it by acting as a user and trying to access files such as /etc/passwd and /etc/shadow.
3) Then report that data to prove to auditors that the tool is collecting the events.
Thank you in advance. Feel free to e-mail me directly to avoid any unwanted cluttering of the message boards.
Randy Fields
randy.fields at ngc.com
More information about the Linux-audit
mailing list