Focus on Linux
root shell auditing Jul 28 2008 01:34PM
Mars Gobetti (erresei6 libero it)
In an effort to comply with iso 27001, Webtrust and other security certifications I need to audit root shell usage on many linux servers: every bash command entered in the shell ,with timestamps, and possibly logging to a remote server.
Which is the best (enterprise class) way to do that?

Currently in our environment administrators get root shell access using sudo -i. Do I need to change this?
I've seen around sudosh (wich do the job locally), then Enterprise Audit Shell, but it seems to me this projects are not active any more.
Will Free IPA be an answer?

Thank you,

Mars Gobetti

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus