Re: [suse-security] File and folder access auditing, how?

From: Marcus Meissner (meissnersuse.de)
Date: Thu Feb 02 2006 - 03:42:08 CST


On Thu, Feb 02, 2006 at 11:34:10AM +0200, HG wrote:
> Hello!
>
> Is it possible to set up file and folder access auditing on SuSE 9.2
> or later (10.0)?
> If so, how would one do that?
>
> I have some sensitive information now on SuSE 9.2 (that might be
> updated to 10.X) and I'm looking for something similar to what I had
> in Windows. I want to have a log somewhere that would indicate who has
> used or tried to use the sensitive information.

10.0 has the beginnings of the upstream audit system, in the "audit"
package, 10.1 has a bit further developed one.
I am not sure it can audit to the full extent you need.

9.1 / SLES 9 has an EAL4+/CAPP capable audit system doing all you might
want ... For 10.1 / SLES 10 this is planned too.

(Look for "audit watches".)

Ciao, Marcus

--
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-helpsuse.com
Security-related bug reports go to securitysuse.de, not here
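
Added example, not part of the original message: what an "audit watch" looks like with the upstream audit tools (auditctl/ausearch), and how to reduce the resulting records to "who used or tried to use" the watched files. The watched path, the key name and the log records are constructed assumptions, and the thread does not confirm that the SuSE releases it mentions accept this exact syntax.

```shell
#!/bin/sh
# Setting the watch needs root and a running auditd (upstream auditctl syntax;
# /srv/sensitive and the key "sensitive-docs" are assumptions for illustration):
#   auditctl -w /srv/sensitive -p rwa -k sensitive-docs
#   ausearch -k sensitive-docs -i        # read the matching records back

# Constructed sample of SYSCALL records as such a watch would log them.
sample_audit_log() {
cat <<'EOF'
type=SYSCALL msg=audit(1138873328.101:41): arch=c000003e syscall=2 success=yes exit=3 items=1 pid=4121 auid=1000 uid=1000 comm="cat" exe="/bin/cat" key="sensitive-docs"
type=SYSCALL msg=audit(1138873391.554:42): arch=c000003e syscall=2 success=no exit=-13 items=1 pid=4130 auid=1001 uid=1001 comm="less" exe="/usr/bin/less" key="sensitive-docs"
type=SYSCALL msg=audit(1138873402.010:43): arch=c000003e syscall=2 success=yes exit=3 items=1 pid=4140 auid=1000 uid=0 comm="vi" exe="/bin/vi" key="sensitive-docs"
type=SYSCALL msg=audit(1138873410.900:44): arch=c000003e syscall=2 success=yes exit=3 items=1 pid=4150 auid=1002 uid=1002 comm="cat" exe="/bin/cat" key="other-watch"
EOF
}

# watch_hits KEY: read audit records on stdin, print one line per hit on KEY:
#   <epoch-seconds> auid=<login uid> uid=<uid> <exe> <ok|DENIED>
# auid is the login uid, so it still names the person after su/sudo (uid=0).
watch_hits() {
    awk -v want="key=\"$1\"" '
    $1 == "type=SYSCALL" {
        split("", f)                       # reset the field map for this record
        for (i = 2; i <= NF; i++) {
            eq = index($i, "=")
            if (eq) f[substr($i, 1, eq - 1)] = substr($i, eq + 1)
        }
        if ("key=" f["key"] != want) next
        ts = f["msg"]; sub(/^audit\(/, "", ts); sub(/\..*$/, "", ts)
        gsub(/"/, "", f["exe"])
        print ts, "auid=" f["auid"], "uid=" f["uid"], f["exe"],
              (f["success"] == "yes" ? "ok" : "DENIED")
    }'
}

# denied_count KEY: number of failed access attempts recorded for KEY.
denied_count() {
    watch_hits "$1" | awk '$NF == "DENIED" { n++ } END { print n + 0 }'
}

sample_audit_log | watch_hits sensitive-docs
```

On a live system, feed the functions from the audit log instead of the sample, for example the output of `ausearch -k sensitive-docs --raw`.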