[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

RE: Security Logging - Passwords & Accounts



Hi Aaron,

Thanks for your help, I tried making some changes (adding & deleting
users & groups, and changing passwords) and they don't seem to have been
logged!

I also tried adding this line to /etc/syslog.conf
	
	*.*		/var/log/all

But I didn't get any messages logged in the 'all' file when I tried the
same changes again (but I do get other messages like ' Dec 25 14:15:00
RHEL-ES3-02 CROND[2620]: (root) CMD (/usr/bin/mrtg /etc/mrtg/mrtg.cfg)'
logged)

Is there something else I need to do please?

Thanks again for your help,
Chris

-----Original Message-----
From: Bliss, Aaron [mailto:ABliss preferredcare org] 
Sent: 13 February 2006 13:49
To: Chris Bingham; redhat-list redhat com
Subject: RE: Security Logging - Passwords & Accounts

These changes should already be logged in /var/log/secure; if you run
logwatch with a detail level of 5, you should see everything your
looking for in the report (and more :).

Aaron 

-----Original Message-----
From: redhat-list-bounces redhat com
[mailto:redhat-list-bounces redhat com] On Behalf Of Chris Bingham
Sent: Monday, February 13, 2006 8:43 AM
To: redhat-list redhat com
Subject: Security Logging - Passwords & Accounts

Hi,

 

Does anybody know of any way to log changes to user & group accounts and
passwords please?

 

Because of a new security policy, we need to find a way to log in a file
whenever any changes are made to any user or group account, particularly
need to monitor changes to passwords and group memberships.

As a minimum, we've got to record the date & time of the change, what
the change was, and which user account was used to make the change.

Ideally we also need to do this without using third-party software, but
any solution would be very welcome :)

 

I'd really appreciate any help anyone can give, I've been trawling the
net all morning looking for some pointers without much luck!

 

Thanks in advance for any help,

Chris

###########################################

This message has been scanned by F-Secure Anti-Virus for Microsoft
Exchange proir to leaving Applied Computing & Engineering's E-Mail
Server
--
redhat-list mailing list
unsubscribe mailto:redhat-list-request redhat com?subject=subscribe
https://www.redhat.com/mailman/listinfo/redhat-list


www.preferredcare.org
"An Outstanding Member Experience," Preferred Care HMO Plans -- J. D.
Power and Associates

Confidentiality Notice:
The information contained in this electronic message is intended for the
exclusive use of the individual or entity named above and may contain
privileged or confidential information.  If the reader of this message
is not the intended recipient or the employee or agent responsible to
deliver it to the intended recipient, you are hereby notified that
dissemination, distribution or copying of this information is
prohibited.  If you have received this communication in error, please
notify the sender immediately by telephone and destroy the copies you
received.



###########################################

This message has been scanned by F-Secure Anti-Virus for Microsoft Exchange
proir to leaving Applied Computing & Engineering's E-Mail Server



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]