Novell LINUX ENTERPRISE DESKTOP 11 - SECURITY GUIDE 17-03-2009 Manual page 384


6 Generate logs and configure tailor-made reports. Refer to Section 31.5, "Configuring
Audit Reports" (page 377) for details.
7 Configure optional log visualization. Refer to Section 31.6, "Configuring Log
Visualization" (page 380) for details.

IMPORTANT: Controlling the Audit Daemon
Before configuring any of the components of the audit system, make sure that
the audit daemon is not running by entering rcauditd status as root.
On a default SUSE Linux Enterprise Desktop system, audit is started on boot,
so you need to turn it off by entering rcauditd stop. Start the daemon after
configuring it with rcauditd start.

31.1 Determining the Components to Audit
Before setting out to create your own audit configuration, determine to which degree
you want to use it. Check the following rules of thumb to determine which use case
best applies to you and your requirements:
• If you require a full security audit for CAPP/EAL certification, enable full audit
for system calls and configure watches on various configuration files and directories,
similar to the rule set featured in Chapter 32, Introducing an Audit Rule Set
(page 383). Proceed to Section 31.3, "Enabling Audit for System Calls" (page 374).
• If you require an occasional audit of a system call instead of a permanent audit for
system calls, use autrace. Proceed to Section 31.3, "Enabling Audit for System
Calls" (page 374).
• If you require file and directory watches to track access to important or
security-sensitive data, create a rule set matching these requirements. Enable audit
as described in Section 31.3, "Enabling Audit for System Calls" (page 374) and proceed
to Section 31.4, "Setting Up Audit Rules" (page 375).
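
The stop, configure, start sequence from the IMPORTANT note, applied to the file and directory watch use case, as an added example that is not part of the original guide. The function names, the watched paths, the key name, the wa permission filter and /etc/audit/audit.rules as the rules file are assumptions.

```shell
#!/bin/sh
# Added example, not taken from the guide. Paths, key name and the "wa"
# permission filter are assumptions chosen for illustration.

# Print one watch rule per path: record writes (w) and attribute changes (a),
# tagged with a key so the events can be found again in reports.
emit_watch_rules() {
    key=$1; shift
    for path in "$@"; do
        case $path in
            /*) printf -- '-w %s -p wa -k %s\n' "$path" "$key" ;;
            *)  echo "not an absolute path: $path" >&2; return 1 ;;
        esac
    done
}

# Append the generated rules to a rules file, skipping rules already present,
# so running the script twice does not duplicate watches.
add_rules_to_file() {
    rules_file=$1; shift
    rules=$(emit_watch_rules "$@") || return 1
    printf '%s\n' "$rules" | while IFS= read -r rule; do
        [ -n "$rule" ] || continue
        grep -qxF -e "$rule" "$rules_file" 2>/dev/null ||
            printf '%s\n' "$rule" >> "$rules_file"
    done
}

# Sequence from the note: make sure auditd is stopped, change the
# configuration, then start the daemon again. Must be run as root.
configure_watches() {
    rules_file=$1; shift
    if rcauditd status >/dev/null 2>&1; then
        rcauditd stop || return 1
    fi
    add_rules_to_file "$rules_file" "$@" || return 1
    rcauditd start
}

# Typical call (assumed rules file location and sample paths):
#   configure_watches /etc/audit/audit.rules identity /etc/passwd /etc/shadow
```
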
