On 06/11/2013 12:24 PM, Sabuj Pattanayek wrote:
https://isc.sans.edu/diary/Auditd+is+your+friend/15163
RHEL/CENTOS by default are not setup to monitor the passwd file, but
you can make modifications in the conf file as explained above. I
don't know if your distro logs access and modifications to /etc/passwd
in audit but check in /var/log/audit/*
Noted and acted upon. Thanks Sabuj!
Howard
--
--
You received this message because you are subscribed to the Google Groups
"NLUG" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.com/group/nlug-talk?hl=en
---
You received this message because you are subscribed to the Google Groups "NLUG" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/groups/opt_out.
