Re: Logging User Activity
Am Mit, 2003-05-14 um 16.33 schrieb Michael Parkinson:
> Dear All,
>
> Currently implementing a number of modifications to our internal security
> policies and one addition I am attempting to add is the full logging of user
> activity.
Are you sure that this is not violating your users' privacy?
But apart from political and legal issues - I suggest using the
grsecurity kernel patch (www.grsecurity.org). You can put all users that
you don't trust into a special audit group. Of course, you still have to
come up with a solution for secure remote logging (syslog is not an
option - some of your users could for example get the idea of sending
fake logs of other users doing nasty things to the remote logging
server...).
Sebastian
Reply to: