{"id":53,"date":"2006-07-24T00:01:51","date_gmt":"2006-07-24T05:01:51","guid":{"rendered":"http:\/\/raffy.ch\/blog\/?p=53"},"modified":"2006-10-02T18:16:43","modified_gmt":"2006-10-02T23:16:43","slug":"linux-unix-audit-logs","status":"publish","type":"post","link":"https:\/\/raffy.ch\/blog\/2006\/07\/24\/linux-unix-audit-logs\/","title":{"rendered":"Linux \/ Unix Audit Logs"},"content":{"rendered":"<p>I am disappointed. Have you ever tried to audit your Linux system? Well, have you tried to get syslog events for password changes? Why would Linux not log an event like that? You have to go and mess with the PAM configuration of your system. And I don&#8217;t think it&#8217;s straightforward to actually get the user management sub-system to log audit events. I want to know when someone changes his password or a user account is disabled! I guess part of the problem is that you can always go to the configuration files (\/etc\/passwd) and just change the entries yourself, but you know, we are in 2006, you would think someone has figured out how to audit these things. Have I already mentioned that I am disappointed? And don&#8217;t misunderstand me. I love Linux, but still.<br \/>\nOne solution that VanHauser recommended was LAUS. An auditing subsystem which was initially developed for SUSE. A port for Red Hat exists also. Since I switched to Ubuntu, I tried an apt-get install laus. No luck. Too bad.<br \/>\nMaybe I am just missing something and there is a solution to the audit log shortcomings of Linux?<\/p>\n","protected":false},"excerpt":{"rendered":"<p>I am disappointed. Have you ever tried to audit your Linux system? Well, have you tried to get syslog events for password changes? Why would Linux not log an event like that? You have to go and mess with the PAM configuration of your system. 
And I don&#8217;t think it&#8217;s straightforward to actually get [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[7],"tags":[],"class_list":["post-53","post","type-post","status-publish","format-standard","hentry","category-unix-security"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/raffy.ch\/blog\/wp-json\/wp\/v2\/posts\/53","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/raffy.ch\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/raffy.ch\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/raffy.ch\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/raffy.ch\/blog\/wp-json\/wp\/v2\/comments?post=53"}],"version-history":[{"count":0,"href":"https:\/\/raffy.ch\/blog\/wp-json\/wp\/v2\/posts\/53\/revisions"}],"wp:attachment":[{"href":"https:\/\/raffy.ch\/blog\/wp-json\/wp\/v2\/media?parent=53"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/raffy.ch\/blog\/wp-json\/wp\/v2\/categories?post=53"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/raffy.ch\/blog\/wp-json\/wp\/v2\/tags?post=53"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}