User Auditing
m.roth at 5-cent.us
m.roth at 5-cent.us
Thu Sep 23 20:13:44 UTC 2010
Georgios Magklaras wrote:
> On 09/23/2010 06:43 PM, Marti, Robert wrote:
<snip>
> What I said refers to the whole picture. What you really want to do is
> to correlate events that occur. Logging keystrokes gives you the
> keyboard stream, but does not always help you to correlate what you type
> and what happens at the OS layer. As for privacy, there are reasons that
> I can tell you it's a bad idea to do it. For example, I have found that
> my sysadmins type occasionally sensitive (as opposed to private) info,
> such as rhn reg keys or ssh passwords. These do not really need to be
> inside a text log file in plain text.
Um, yep. I'd be VERY, VERY UPSET if someone had my password in a plain
text logfile emailed to another server. That, alone, would break your
security.
mark
More information about the redhat-list
mailing list