Solved

Solaris 9 CDE Authentication Logging

Posted on 2006-10-30
5
435 Views
Last Modified: 2013-12-27
We have a need to log *ALL* login successes and failures in Solaris 9.

I've been able to get all command line logins to log.. no problemo....  however, no CDE activity logs... I can't seem to find a way to get CDE login successes and failures to write to syslog...



Help?!?!


0
Comment
Question by:ParadiseITS
  • 3
5 Comments
 
LVL 10

Accepted Solution

by:
Nukfror earned 400 total points
ID: 17836859
You should enable BSM for this.  Just google for "solaris bsm login audit" and you'll find all kinds of stuff.  An example is here:

http://www.deer-run.com/~hal/sysadmin/SolarisBSMAuditing.html
0
 
LVL 38

Assisted Solution

by:yuzh
yuzh earned 100 total points
ID: 17838759
Agreed with  Nukfror use BSM for the job, have a look at the following docs about BSM, to learn more:
http://www.boran.com/security/sp/Solaris_bsm.html
http://www.securityfocus.com/infocus/1362
http://abelew.web.wesleyan.edu/bsmaudit1.html
http://docs.sun.com     -- Search for BSM

0
 
LVL 9

Author Comment

by:ParadiseITS
ID: 17842093
So, to break down the BSM tool...    the document Nukfor sent seems to sum it up... so here is my understanding...  can anyone clarify if I've got it before I try it?


run the audit_startup script
then I can edit (using vi??) the audit_control file to:

dir:/var/audit
minfree:20
flags:lo
naflags:lo


and this will grab all login activity?

My thoughts were to setup a cron job to do the audit -n then archive the resulting logs off the server...  is this a sound plan?  Or am I missing something??

0
 
LVL 9

Author Comment

by:ParadiseITS
ID: 17842217
check that.. I meant run the bsmconv.. not audit_startup
0
 
LVL 9

Author Comment

by:ParadiseITS
ID: 17842672
I'm going to go ahead and close this, I have it working on my Virtual Machine so it's good enough to close the question -- thanks!
0

Featured Post

Free Tool: Postgres Monitoring System

A PHP and Perl based system to collect and display usage statistics from PostgreSQL databases.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Installing FreeBSD… FreeBSD is a darling of an operating system. The stability and usability make it a clear choice for servers and desktops (for the cunning). Savvy?  The Ports collection makes available every popular FOSS application and packag…
Using libpcap/Jpcap to capture and send packets on Solaris version (10/11) Library used: 1.      Libpcap (http://www.tcpdump.org) Version 1.2 2.      Jpcap(http://netresearch.ics.uci.edu/kfujii/Jpcap/doc/index.html) Version 0.6 Prerequisite: 1.      GCC …
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
This video shows how to set up a shell script to accept a positional parameter when called, pass that to a SQL script, accept the output from the statement back and then manipulate it in the Shell.

808 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question