User Tools
система_linux_auditing
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision | |||
|
система_linux_auditing [2025/05/19 07:25] val [Рекомендованный набор правил] |
система_linux_auditing [2025/05/21 08:19] (current) val [Рекомендованный набор правил] |
||
|---|---|---|---|
| Line 104: | Line 104: | ||
| -a exit,always -F arch=b64 -F euid=0 -S execve -k ssh_commands | -a exit,always -F arch=b64 -F euid=0 -S execve -k ssh_commands | ||
| -a exit,always -F arch=b32 -F euid=0 -S execve -k ssh_commands | -a exit,always -F arch=b32 -F euid=0 -S execve -k ssh_commands | ||
| + | |||
| + | # или с любыми правами, в том числе, через реверс шел | ||
| + | -a exit,always -F arch=b64 -S execve -k all_commands | ||
| + | -a exit,always -F arch=b32 -S execve -k all_commands | ||
| </code> | </code> | ||
система_linux_auditing.1747628757.txt.gz · Last modified: 2025/05/19 07:25 by val
Page Tools
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
