David Meireles wrote:
Hi there.
One client of ours has a pfsense firewall (working great, btw). Due to
their policies, and althrough they don't have indoor IT staff, they
now the password to access the pfsense admin page (the boss and a
teenage pseudo-it-wannabe). It happened more than once that there were
problems with pfsense due to "someone" messing up with the firewall
rules, and I know who did it, but the thing is that I cannot say to my
costumer "Your employe did that" without having proof (my word against
his). So, I was wondering, is there a way to log the time and ip of
who accesses the admin page?
Cheerz
Not really, the admin account is the admin account. This changes
somewhat in 1.3 with the user manager code. If I were you, I would
always keep a copy of the config.xml for your clients and update it
every time you make changes. Then if something like this happens, you
can get into the box and run a diff against the configs. If something's
changed, you have pretty clear evidence that it wasn't you. It's also a
good policy to have regardless for the purposes of disaster recovery.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
