| |
| |
| |
|
Page: 1 2 3 4 5 6 7 8 9 10
Comments:
<BSM> I can backup history file in real time.
<BSM> but like then they can unset histfile and maybe rm the history file
<BSM> I need to make it so they can't :)
<bigbambu> hrm, maybe trusted solaris?
<BSM> hmmm
<BSM> thats a biiatch to setup
<BSM> but yes I thought about it :)
<BSM> I can't replace existing OS with that... it will stuff many things.
<BSM> the hard thing is... when a user "su" and as root they remove files..
<BSM> harder to log.
<BSM> But I did setup some administrative task logging.. you have to piece it together.
<bigbambu> nothing is foolproof
<BSM> using time stamps I suppose :(
<BSM> true
<bigbambu> we use sudo+a logging rootshell
<BSM> ahh
<BSM> how do you do that anyway?
<bigbambu> but it doesn't stop anyone with root from connecting to the console, typing the root p***word and doing whatever
<BSM> just a flag you use with sudo?
<bigbambu> someone hacked bash
<BSM> **** all admins have console access
<BSM> hehe
<bigbambu> to add sudo-like logging to every command
<BSM> not everyone here uses bash
<bigbambu> yea
<bigbambu> well
<bigbambu> if they want a rootshell they do!
<BSM> ahh I see
<BSM> lol
<BSM> I can't restrict that ;)
<BSM> admins use ksh/bash
<BSM> ill google it there must be some methods:)
<bigbambu> gotta have policies man
<BSM> yeh
<BSM> we have "security polocies"
<BSM> just we don't probably use them :)
<BSM> hehe
<BSM> Administration Based on Solaris Management Console 3.0 FCS Framework and NIS+
<BSM> hmm
<BSM> do many companies use trusted solaris?
<BSM> would be nice to gain skills in configuring if so.
<bigbambu> i've never seen it as a req
<BSM> Trusted Roles
<BSM>
<BSM> There are no superuser accounts with Trusted Solaris 8 software; systems administrators are as accountable for their actions as users.
<BSM> woot
<BSM> policies I meant I can't spell
<arp> OMG YOU RULE
<bigbambu> LOLOMGWTFBBQAIDS
<BSM> normal unix is C2 if auditing is turned on
<BSM> apaprently trusted unix is "B" grade
<BSM> windows is D ;)
<Phaedrus> who gives a ****?
<arp> phaedrus, BSM does
<arp> obviously he cares about security, since he chose a security acronym as his nickname.
<Phaedrus> oh!
<bigbambu> BigStinkyManhole
<Phaedrus> and here I was thinking the S was a typo
<bigbambu> heh
<bigbambu> hows the kid phae?
<BSM> trusted solaris is used by military bigbambu
<BSM> would be sweet wokring for DoD
<bigbambu> uhm
<bigbambu> no it wouldnt.
<BSM> heh
<BSM> challenging
<arp> *BSM* thanks ;) [23:14:35]
<arp> *BSM* that guys grumpy. [23:14:43]
<arp> *BSM* interesting spoof. [23:14:53]
<BSM> hehe
<arp> bambu, are you grumpy?
<BSM> not him
<BSM> Phaedrus is grumpy.
<BSM> or just doesn't like my babble.
<Phaedrus> bb he's doing very well
<Phaedrus> yeah, I have no reason to be grumpy, you're simply annoying
<BSM> hehe
<arp> well, it does appear as if you are chatting to see yourself chat.
<BSM> Im kinda ranting on.. and hoping someone will teach me.
<BSM> maybe you will advice against my ideas and I will learn why:)
<arp> maybe not
<BSM> so far it's been quite good help here
<BSM> form bigbambu
<BSM> I should start paying him.
<arp> he prefers to be paid in rimjobs
<BSM> I heard he prefers milshakes.
<gothchick> i'm grumpy
<gothchick> who wants a kicking?
<Phaedrus> not me
<arp> grumpchick
<Phaedrus> hey I tried to contribute to your happiness today
<gothchick> you did :D
<Phaedrus> if it didn't work, it's not my fault!
<gothchick> haha it totally worked
<Atomix> pft
<gothchick> same to you
<Phaedrus> I blame niki
<Phaedrus> for not looking cute enough
<Phaedrus> he should try harder
<Atomix> yeah
<Atomix> or something
<BSM> haha
<BSM> The decision about whether or not to include the other "file" event cl***es to track creating, deleting, reading, and modifying files was probably the most contentious aspect of our auditing discussions within CIS.? Sun[2] recommends avoiding these audit cl***es in order to reduce the size of the audit trail.? On the other hand the DoD guidelines[1] require tracking at least failure for these cl***es (actually the specific recommendation is
<BSM> "fw,-fc,-fd,-fr").
<BSM> hmm tough one.
<BSM> does anyone else use those guidlines?
<BSM> DoD recommended ones.
<Phaedrus> again, this would ***ume that anyone here gives two ****s about security
<bigbambu> heh
<BSM> ofcourse you do
<BSM> you're all most likely sys admins?
<bigbambu> we have a seperate dept. that worries about security
<BSM> I am ***uming Phaedrus doesn't work with a bank ;)
<bigbambu> all we do is keep servers serving
<BSM> ahh
<BSM> monitor events?
<bigbambu> NOPE
<BSM> what then?
<bigbambu> monitoring dept does that
<BSM> hardware?
<BSM> lol
<bigbambu> we just keep the servers serving
<bigbambu> now ask me about the network
<BSM> what exactly does that require?
<bigbambu> so i can say
<bigbambu> THE ROUTING TEAM DOES THAT
<BSM> I don't understand your role.
<BSM> what does that require form you.
<BSM> to make sure there powered on?
<bigbambu> build/configure/maintain 1000+ production servers
<bigbambu> along with various bits of storage
<BSM> well maintain can be on many levels
<bigbambu> but we dont monitor the servers, or worry about security
<bigbambu> other do that.
<bigbambu> others
<BSM> fair enough
<BSM> "maintain" as in sys admin tasks... users and crap?
<bigbambu> users/procs
<BSM> add/remove.. scripting..
<bigbambu> etc.
<BSM> is there a "backup team
<bigbambu> nope
<bigbambu> we do that
<BSM> oh
<BSM> how cool
<BSM> ;)
<bigbambu> but we dont control database backups
<bigbambu> DBAs do that.
<bigbambu> all we do is provide tapes etc.
<BSM> yeh fair enough same here
<BSM> what about system backups?
Return to
#solaris
or
Go to some related
logs:
army's on extacy
diana 7ayak
EXT:RDP password
#computers
#flash
eerie channels 1825
#beginner
#dsl
#openbsd
#nhl
|
|
