Hi,
This isn't a major problem for me, but since it's related to auditing
file access, I thought the security people would have an answer.
Every once in a while I get a bunch of errors because some process tried
to access my CDROM, triggering automount when there's no disk in the
drive.
I'd
2004. februr 12. 19:45 dtummal Ryan Underwood ezt rta:
Thanks a lot!
Daniel
--
LeVA
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Sat, 14 Feb 2004 at 01:31:52PM -0500, Wade Richards wrote:
Hi,
This isn't a major problem for me, but since it's related to auditing
file access, I thought the security people would have an answer.
Every once in a while I get a bunch of
what package and deamon does the audit of every file executed?
Phillip Hofmeister wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Sat, 14 Feb 2004 at 01:31:52PM -0500, Wade Richards wrote:
Hi,
This isn't a major problem for me, but since it's related to auditing
file access, I thought
On Sat, Feb 14, 2004 at 01:50:06PM -0600, hanasaki wrote:
what package and deamon does the audit of every file executed?
RSBAC has such a facility.
Executing is done by calling execve(2). The section number `2' informs
us this is a system call. Therefore, such an accounting must be
Hello,
what package and deamon does the audit of every file executed?
if you patch the kernel with GRsecurity - you can turn on logging of
executing, sended singals, failed forking, changing date/time,
even changing the directory :)
www.grsecurity.org
all goes to syslog
or you can start
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Sat, 14 Feb 2004 at 02:50:06PM -0500, hanasaki wrote:
what package and deamon does the audit of every file executed?
As I said, it is the GRSecurity Kernel patch
(http://www.hgrsecurity.org). When you apply the patch audits get sent
to the
On Sat, Feb 14, 2004 at 01:50:06PM -0600, hanasaki wrote:
what package and deamon does the audit of every file executed?
Selon Jan Minar [EMAIL PROTECTED]:
RSBAC has such a facility.
Executing is done by calling execve(2). The section number `2' informs
us this is a system call.
On Sun, Feb 15, 2004 at 04:25:48AM +0700, Jean Christophe André wrote:
On Sat, Feb 14, 2004 at 01:50:06PM -0600, hanasaki wrote:
what package and deamon does the audit of every file executed?
Selon Jan Minar [EMAIL PROTECTED]:
RSBAC has such a facility.
Executing is done by calling
On Sat, 2004-02-14 at 14:50, hanasaki wrote:
what package and deamon does the audit of every file executed?
There is the snoopy package which logs all execve calls.
Phillip Hofmeister wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Sat, 14 Feb 2004 at 01:31:52PM -0500, Wade
On Sun, 15 Feb 2004 05:31, Wade Richards [EMAIL PROTECTED] wrote:
Every once in a while I get a bunch of errors because some process tried
to access my CDROM, triggering automount when there's no disk in the
drive.
SE Linux can audit all interesting actions, exec, read, write, create,
How about the below?
apt-cache show trustees
It looks interstesting but I dont have much time to mess with it.
Russell Coker wrote:
On Sun, 15 Feb 2004 05:31, Wade Richards [EMAIL PROTECTED] wrote:
Every once in a while I get a bunch of errors because some process tried
to access my
Hi,
This isn't a major problem for me, but since it's related to auditing
file access, I thought the security people would have an answer.
Every once in a while I get a bunch of errors because some process tried
to access my CDROM, triggering automount when there's no disk in the
drive.
I'd
2004. február 12. 19:45 dátummal Ryan Underwood ezt írta:
Thanks a lot!
Daniel
--
LeVA
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Sat, 14 Feb 2004 at 01:31:52PM -0500, Wade Richards wrote:
Hi,
This isn't a major problem for me, but since it's related to auditing
file access, I thought the security people would have an answer.
Every once in a while I get a bunch of
what package and deamon does the audit of every file executed?
Phillip Hofmeister wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Sat, 14 Feb 2004 at 01:31:52PM -0500, Wade Richards wrote:
Hi,
This isn't a major problem for me, but since it's related to auditing
file access, I
On Sat, Feb 14, 2004 at 01:50:06PM -0600, hanasaki wrote:
what package and deamon does the audit of every file executed?
RSBAC has such a facility.
Executing is done by calling execve(2). The section number `2' informs
us this is a system call. Therefore, such an accounting must be
Hello,
what package and deamon does the audit of every file executed?
if you patch the kernel with GRsecurity - you can turn on logging of
executing, sended singals, failed forking, changing date/time,
even changing the directory :)
www.grsecurity.org
all goes to syslog
or you can start
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Sat, 14 Feb 2004 at 02:50:06PM -0500, hanasaki wrote:
what package and deamon does the audit of every file executed?
As I said, it is the GRSecurity Kernel patch
(http://www.hgrsecurity.org). When you apply the patch audits get sent
to the
On Sat, Feb 14, 2004 at 01:50:06PM -0600, hanasaki wrote:
what package and deamon does the audit of every file executed?
Selon Jan Minar [EMAIL PROTECTED]:
RSBAC has such a facility.
Executing is done by calling execve(2). The section number `2' informs
us this is a system call.
On Sun, Feb 15, 2004 at 04:25:48AM +0700, Jean Christophe André wrote:
On Sat, Feb 14, 2004 at 01:50:06PM -0600, hanasaki wrote:
what package and deamon does the audit of every file executed?
Selon Jan Minar [EMAIL PROTECTED]:
RSBAC has such a facility.
Executing is done by calling
On Sat, 2004-02-14 at 14:50, hanasaki wrote:
what package and deamon does the audit of every file executed?
There is the snoopy package which logs all execve calls.
Phillip Hofmeister wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Sat, 14 Feb 2004 at 01:31:52PM -0500, Wade
On Sun, 15 Feb 2004 05:31, Wade Richards [EMAIL PROTECTED] wrote:
Every once in a while I get a bunch of errors because some process tried
to access my CDROM, triggering automount when there's no disk in the
drive.
SE Linux can audit all interesting actions, exec, read, write, create,
23 matches
Mail list logo