Re: Tracking User activity on 4.3.3

From: A.Weston (alweston_at_NEWSCENE.COM)
Date: 11/09/05

    Date:         Wed, 9 Nov 2005 17:51:17 -0500
    To: aix-l@Princeton.EDU
    
    

    Vipin Khushu-Suse wrote:

    > Greetings All:
    >
    > I'll be setting up a new user (other than root) with root authority. And
    > yes, the admonition against this practice is duly noted by yours truly.
    >
    > In order to keep a close watch on things, I need to accomplish the
    > following:
    >
    > 1] track and capture in a log(s) everything this user does upon
    > login including any attempt to su to another user. The log(s) should
    > preferably be stored somewhere other than the user's home
    > directory so that any attempt to hide one's tracks is difficult.
    >
    > 2] be alerted when this user logs in. I suppose I can use 'last'
    > for that purpose unless there's a more proactive way to know this.
    >
    > 3] Any other strategy you know of that can aid in keeping tabs on
    > the activities of this user.
    >
    > Any documentation you can point me to help gain a better understanding
    > of the issues involved is also appreciated.
    >
    > By the way, the user will login remotely using putty-ssh.
    >
    > TIA
    > VK

    Why not use sudo? Rather than giving this user a uid of 0, give him the
    ability to do anything as root, and set up sudo to log to a remote log
    server this user doesn't have access to. If you don't want this user to
    have su capabilities to other accounts, remove this from the sudo config.
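
One way to lay out the setup suggested in the reply above, as an added example that is not part of the original message. The login name `vkadmin`, the log host `loghost.example.com` and the binary paths are placeholders and assumptions, not values from the thread.

```conf
# --- /etc/sudoers on the AIX host (edit only with visudo) ---
# "vkadmin" is a placeholder for the new administrator's login name.

# Send every sudo event (allowed and denied) to syslog, auth facility.
Defaults syslog=auth

# Commands that would open a root session whose contents sudo does not
# record command by command. Paths are assumptions; confirm them on the host.
Cmnd_Alias SU     = /usr/bin/su
Cmnd_Alias SHELLS = /usr/bin/sh, /usr/bin/ksh, /usr/bin/csh, /usr/bin/bsh

# Any command as root, except su and the listed shells.
# A "!" exclusion after ALL is a guard rail, not a boundary: a copied or
# renamed binary is not matched by it. The off-host log is what the
# reviewer relies on, so keep the account a normal (non-zero) uid and
# review the entries on the log server.
vkadmin ALL = (root) ALL, !SU, !SHELLS

# --- /etc/syslog.conf on the AIX host ---
# Forward auth messages at priority info and above to the remote log
# server (placeholder name). The monitored user has no account there.
auth.info	@loghost.example.com

# Reload syslogd after editing syslog.conf:
#   refresh -s syslogd
```

The receiving syslog daemon must be configured to accept remote messages, and each forwarded entry names the invoking user, terminal, working directory, target user and command.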

