|
How to keep an audit trail of Linux systems |
vote
 |
|
Intrusions can take place from both authorized and unauthorized users. My personal experience shows that unhappy user can damage the system, especially if they have a shell access. Some users are little smart and removes history file (such as ~/.bash_history) but you can monitor all user executed commands.
This article shows how to log user activity using process accounting. It allows you to view every command executed by a user including CPU and memory time. You can easily find out which commands used to take down your system with these utilities.
| | |
| |
|
| | read more | mail this link | score:7958 | -nixcraft, November 15, 2006 |
| |
|
More Sysadmin articles... |
|
|
