Методические материалы Лохтурова Вячеслава

User Tools

Site Tools

Trace: сервис_ms_sql draytek_sip_softphone процессы_unix сервис_nis модуль_apparmor
система_linux_auditing

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision 		Previous revision
система_linux_auditing [2016/08/01 16:35]
val [Установка и запуск системы аудита] 		система_linux_auditing [2024/05/22 16:28] (current)
val [Настройка правил аудита событий]
Line 15: Line 15:
 # auditctl -w /etc/passwd -p rwa -k passwords-files # auditctl -w /etc/passwd -p rwa -k passwords-files
 # auditctl -w /etc/shadow -p rwa -k passwords-files # auditctl -w /etc/shadow -p rwa -k passwords-files
 +
 +# auditctl -l
  
 # cat /​etc/​audit/​audit.rules # cat /​etc/​audit/​audit.rules
 +ubuntu24/​debian12#​ /​etc/​audit/​rules.d/​audit.rules
 </​code><​code>​ </​code><​code>​
 ... ...
Line 22: Line 25:
 -w /etc/shadow -p rwa -k passwords-files -w /etc/shadow -p rwa -k passwords-files
 </​code><​code>​ </​code><​code>​
-/​etc/​init.d/​auditd restart+service ​auditd restart
 </​code>​ </​code>​
  
Line 39: Line 42:
  
 # ausearch -k passwords-files # ausearch -k passwords-files
- 
-# ausearch -f /etc/passwd -i 
 </​code>​ </​code>​
система_linux_auditing.1470058532.txt.gz · Last modified: 2016/08/01 16:35 by val

Page Tools

Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
CC Attribution-Share Alike 4.0 International Donate Powered by PHP Valid HTML5 Valid CSS Run on Debian Driven by DokuWiki