[logs] auditing

• Previous message: Johannes Ullrich: "[logs] Re: writing syslog parsers"
• Next in thread: Eric Fitzgerald: "RE: [logs] auditing"
• Reply: Eric Fitzgerald: "RE: [logs] auditing"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

All-

I am trying to explain to a manager (non technical) about audit but unable
to get through him the point below.  I tried and tried but unsucessful.  I
am looking for some plain English with examples to show to him.  Any
advise/info is appreciated.

Auditing makes it possible to do the following:
·     Discover extended use of privilege that occurs when a user changes
identity.  How is this done ? how does a user outside of Unix change
identity ?

TIA,
Justin

_______________________________________________
LogAnalysis mailing list
LogAnalysisat_private
http://lists.shmoo.com/mailman/listinfo/loganalysis

• Next message: Christopher Lonvick: "RE: [logs] why log transport is still important"
• Previous message: Johannes Ullrich: "[logs] Re: writing syslog parsers"
• Next in thread: Eric Fitzgerald: "RE: [logs] auditing"
• Reply: Eric Fitzgerald: "RE: [logs] auditing"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Dec 13 2002 - 13:14:54 PST