users logs

Phebe_Mertes at aotx.uscourts.gov Phebe_Mertes at aotx.uscourts.gov
Wed Jun 10 12:26:37 UTC 2009 

http://logcheck.org/

is how I used to ignore message log entries I didn't want to see, but it
was still mind numbing work to review the filtered logs every morning from
all the servers.

Phebe Mertes
210-301-6271


                                                                                                                         
  From:       mark <m.roth2006 at rcn.com>                                                                                  
                                                                                                                         
  To:         General Red Hat Linux discussion list <redhat-list at redhat.com>                                             
                                                                                                                         
  Date:       06/09/2009 05:15 PM                                                                                        
                                                                                                                         
  Subject:    Re: users logs                                                                                             
                                                                                                                         
  Sent by:    redhat-list-bounces at redhat.com                                                                             
                                                                                                                         





Marti, Rob wrote:
> Yeah, the developers sometimes have to troubleshoot code on production
> systems (we try to split dev and prod but are not always successful).
We're
> working on a better split, but its not just CC numbers... socials in the
> database, etc.

Oh, boy. If everyone's not already had criminal background & credit checks,
I
suspect it's coming sooner rather than later.
>
> Bash auditing is pretty win.
>
As I said, I still think that you'll wind up with so much info that trying
to
find anything relevant will be a major task.

             mark
> Rob Marti
>
> -----Original Message----- From: redhat-list-bounces at redhat.com
> [mailto:redhat-list-bounces at redhat.com] On Behalf Of mark Sent: Tuesday,
> June 09, 2009 4:51 PM To: General Red Hat Linux discussion list Subject:
Re:
> users logs
>
> Marti, Rob wrote:
>> If you're using RHEL5 you can enable bash auditing.  I don't think the
>> same solution exists for RHEL4 (yet?).
>>
>> As far as why, I've been requested to set it up for PCI compliance
(since
>> developers have access to credit card numbers, etc. without going
through
>> sudo) but all my CC handling servers are RHEL4 so... :-/
>
> Oh.
>
> I came off a contract the end of April at a company that's both a root
CA,
> and does managed security for PCI/CSS, so I have a clue what you're
dealing
> with.
>
> One question: the *developers* have access to numbers, and not test
numbers?
> I believe that you can request card numbers with info explicitly for
> development and testing. All the rest should be encrypted everywhere
where
> it's not inside a secure subnet, and they'd prefer then, as well, if I
> understand it correctly.
>
> mark
>

--
redhat-list mailing list
unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list

More information about the redhat-list mailing list