[Pauldotcom] A logging root shell
ojconnolly at gmail.com
Mon Nov 21 23:32:55 UTC 2011
Quest support and maintain sudo and in their commercial version have the ability to log the key strokes of anyone using privileged commands through sudo. It also has a centralized policy manager.
Alternatively, you could look at cyber-ark or Quest TPAM to do session management and recording.
Ph: +353 86 3807884
On 21 Nov 2011, at 16:03, "Nils" <nils at hemmann.de> wrote:
> Hi guys,
> I´m looking into solutions to comply with PCI DSS requirement 10.2.2: (Logging: All actions taken by any individual with root or administrative privileges) especially on Linux systems.
> Therefore I´ve checked for ways to provide a shell which is logging all actions taken.
> I stumbled upon stuff like:
> mkfifo myfifo; logger -f myfifo & script -f myfifo
> sudoshell (ss)
> What are your experiences in this realm?
> Best solution would be something done with on-board means or a provided package of the Linux distribution, in this case Debian.
> Pauldotcom mailing list
> Pauldotcom at mail.pauldotcom.com
> Main Web Site: http://pauldotcom.com
More information about the Pauldotcom