Security audit programs
Bjorn Satdeva
bjorn at sysadmin.sysadmin.com
Wed Mar 27 17:28:16 AEST 1991
In <612 at minya.UUCP> jc at minya.UUCP (John Chambers) writes:
>> [Question about periodic security audit deleted.]
>Hardly a need for a special program. What I do is:
> [Solution using find deleted]
>(Actually, I wouldn't be very surprised to find that someone had written
>a separate program to duplicate this special case. People do silly things
>like that all the time. ;-)
John,
Writing a program which does this kind of test is not necessary silly.
If you are responsible for a large number of systems, and run the test
automatically from cron, you only want to hear about the problems,
not all the OK stuff.
References to security audit programs are COPS (posted to comp.unix.sources),
SPY (LISA proceedings 1989 [I think]) and SECURE in the UNIX Security Book
by W&K. The last is a good starting point for how to write your own sequrity
audit (app. 60 pages shell scripts), but don't expect to use it as is,
unless you run vanilla SYS V rel 2.
Bjorn
--
Bjorn Satdeva -- email: bjorn at sysadmin.com or uunet!sysadmin!bjorn
/sys/admin, inc. The Unix System Management Experts (408) 241 3111
Send requests to the SysAdmin mailing list to sysadm-list-request at sysadmin.com
More information about the Comp.unix.admin
mailing list