Well, I was travelling again and I read my way through some of the ISSA magazines that stacked up on my desk over that past months. I have to admit, the quality of articles I read has actually improved. That does not mean that I don’t have any comments…<\/p>\n
I read this article in the March 2006 issue of the ISSA journal about Auditing on Linux\/Unix. While I like the article and how it outlines what you can do to harden a UNIX box, it is yet another article which fails to mention how hard it is to enable real auditing on Linux. I have yet to find a comprehensive guide about how to enable the auditing you really need on a Linux box. Not a single word was spent on the pam modules. The article mentiones process accounting via Maybe these things could be addressed in a follow-on article?<\/p>\n","protected":false},"excerpt":{"rendered":" Well, I was travelling again and I read my way through some of the ISSA magazines that stacked up on my desk over that past months. I have to admit, the quality of articles I read has actually improved. That does not mean that I don’t have any comments… I read this article in the […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[7],"tags":[],"class_list":["post-67","post","type-post","status-publish","format-standard","hentry","category-unix-security"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/raffy.ch\/blog\/wp-json\/wp\/v2\/posts\/67","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/raffy.ch\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/raffy.ch\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/raffy.ch\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/raffy.ch\/blog\/wp-json\/wp\/v2\/comments?post=67"}],"version-history":[{"count":0,"href":"https:\/\/raffy.ch\/blog\/wp-json\/wp\/v2\/posts\/67\/revisions"}],"wp:attachment":[{"href":"https:\/\/raffy.ch\/blog\/wp-json\/wp\/v2\/media?parent=67"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/raffy.ch\/blog\/wp-json\/wp\/v2\/categories?post=67"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/raffy.ch\/blog\/wp-json\/wp\/v2\/tags?post=67"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}accton<\/code> but does not really mention how that can be used and how this could be handled in a distributed logging environment. How do you get all of this data into syslog instead of looking at it via lastcomm<\/code>?<\/p>\n