- Training
- Training Live Events
- Training Without Travel
- SANS Courses
- Certified Instructors
- Career Roadmap
- Training Calendars
- SANS @Home
- SANS OnDemand
- Community SANS
- SANS Mentor Program
- SANS Onsite
- SANS SelfStudy
- SANS Partnership Series
- SANS Workshop Series
- Webcasts
- Work Study
- Events Archive
- DoD 8570
- Voucher Credit Program
- group discounts
- Certification
- Resources
- Vendor
- Portal
- Storm Center
- College
- Developer
- About
the most trusted source for computer security training, certification and research
How-To Make Linux System Auditing a Little Easier
- Abstract
- Auditing your system and network covers an important aspect of security, detection. It is your last line of defense. It is crucial that you have in place a means of determining the state of your system and to detect unauthorized logins and system changes. To accomplish this there are several programs and utilities that are made available but using them all on a daily basis and over a period of time can be an over whelming task if you don't design a good strategy. The design must be simple enough, yet effective, so that it can be used regularly and over a long period of time. In this paper I will talk about the various programs and utilities that can be used to audit your Linux system and how to put them all together in one script to make daily system auditing a little easier.