You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Gerardo Zamudio 8f3ed29ae6
audit: Nuevo
4 years ago
..
README audit: Nuevo 4 years ago
README.SLACKWARE audit: Nuevo 4 years ago
audit-2.3.6-sysconfig.diff audit: Nuevo 4 years ago
audit.SlackBuild audit: Nuevo 4 years ago
audit.info audit: Nuevo 4 years ago
doinst.sh audit: Nuevo 4 years ago
slack-desc audit: Nuevo 4 years ago

README

Audit for Slackware


The Linux Auditing System is a kernel subsystem the allows the kernel to
record events of interest to intrusion detection systems, such as file
access attempts, specific system calls, or custom events generated by
trusted system binaries like login or sshd. The audit package provides the
tools to configure the audit system, and to collect and process its output.

To collect audit events, your kernel must have the audit system enabled,
which is present in the stock Slackware kernels.

The audit package has no other dependencies. However, certain audit events
of interest, such as failed login attempts from /bin/login, password changes,
etcetera are generated by their respective binaries using libaudit. If your
site policy requires auditing those events, some reconfiguration and/or
patching may be required.