[ubuntu-us-ut] file system integrity application
Daniel
teletautala at gmail.com
Tue Sep 16 22:01:51 BST 2008
Aaron,
Thanks for the suggestion of *.debug I hadn't thought of that. Can
you use subversion to track changes to apache config files and
/etc/passwd?
-Daniel
On Tue, Sep 16, 2008 at 2:55 PM, Aaron Toponce <aaron.toponce at gmail.com> wrote:
> Colby W. wrote:
>>
>> On Tue, Sep 16, 2008 at 14:37, Daniel <teletautala at gmail.com> wrote:
>>>
>>> I know of tripwire, systemchecker, aide as far as system integrity
>>> goes. What I want is something that will log who did what to what
>>> file when to any file anywhere in the system. Which of these is best
>>> or is there another one I have missed?
>>
>> OSSEC will tell you whenever a file is changed (and a great deal
>> more) but it does not tell you *who* changed the file unless that
>> feature has been recently added. I've been out of the dev loop on that
>> project for a while now.
>
> I may need to look closer, but I believe this information can be obtained
> via syslog. Setting *.debug in /etc/syslog.conf could be of benefit. Of
> course, this will be highly verbose logging, so logging to a remote
> centralized logging server would be preferred.
>
> Another idea that comes to mind, is using subversion or git to track the
> files on the server. Any version control system will show who modified
> what, but of course, it's doing a lot more than you probably want. :) Just
> an idea though, as horrible as it might be.
>
> --
> _
> Aaron Toponce ( ) ASCII Ribbon Campaign
> www.aarontoponce.org X www.asciiribbon.org
> / \
>
>
> --
> ubuntu-us-ut mailing list
> ubuntu-us-ut at lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/ubuntu-us-ut
>
>
More information about the ubuntu-us-ut
mailing list