Re: [PLUG] shell script help...

K.S. Bhaskar on 1 Sep 2007 23:26:06 -0000

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] shell script help...

From: "K.S. Bhaskar" <bhaskar@bhaskars.com>

To: "Philadelphia Linux User's Group Discussion List" <plug@lists.phillylinux.org>

Subject: Re: [PLUG] shell script help...

Date: Sat, 1 Sep 2007 19:26:02 -0400

Dkim-signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:sender:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references:x-google-sender-auth; b=UfVMMSTpfmfLjoDppy2kl8socAe3+k3h0AAUmS8tX8gRGAfblHgbN9DZDBJ8JPXW38Qz/0WzyRtGesavmaP/SVsROyUt2xELstcbFQ1zb10RQGwFPcnIj3QQy7WSTB3vXoKC/ninOzQKU/Fzct6K9cZopFG8i+xei+gjI2b1/7g=

Reply-to: Philadelphia Linux User's Group Discussion List <plug@lists.phillylinux.org>

Sender: plug-bounces@lists.phillylinux.org

On 9/1/07, Mag Gam <magawake@gmail.com> wrote: > Management want to see who does or tries to do anything malicious. They want > to see users' shell activity. [KSB] OK, then you are not just trying to keep honest people honest or catch unintentional fat fingering. You are trying to protect against potential compromise of a security model by those who normally have access to the system. This is a harder proposition. You need to create a security model and then implement it. Depending on what users do normally, components in your implementation could include: - Restricted shells (e.g., rbash as the login shell). You could implement keystroke logging with rbash, as discussed earlier in this thread. - Screen - Mandatory access controls (e.,g SELinux, AppArmor) - Chroot jails - Limited functionality virtual machines (boot a vm when a user logs in) And more... Regards -- Bhaskar ___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug

Follow-Ups:

Re: [PLUG] shell script help...
From: "Mag Gam" <magawake@gmail.com>

References:

[PLUG] shell script help...
From: "Mag Gam" <magawake@gmail.com>

Re: [PLUG] shell script help...
From: Matthew Rosewarne <mukidohime@case.edu>

Re: [PLUG] shell script help...
From: "Mag Gam" <magawake@gmail.com>

Re: [PLUG] shell script help...
From: "Mag Gam" <magawake@gmail.com>

Re: [PLUG] shell script help...
From: "K.S. Bhaskar" <bhaskar@bhaskars.com>

Re: [PLUG] shell script help...
From: "Mag Gam" <magawake@gmail.com>

Prev by Date: Re: [PLUG] shell script help...

Next by Date: Re: [PLUG] shell script help...

Previous by thread: Re: [PLUG] shell script help...

Next by thread: Re: [PLUG] shell script help...

Index(es):

Date

Thread