Solved

Solaris 9 CDE Authentication Logging

Posted on 2006-10-30
5
433 Views
Last Modified: 2013-12-27
We have a need to log *ALL* login successes and failures in Solaris 9.

I've been able to get all command line logins to log.. no problemo....  however, no CDE activity logs... I can't seem to find a way to get CDE login successes and failures to write to syslog...



Help?!?!


0
Comment
Question by:ParadiseITS
  • 3
5 Comments
 
LVL 10

Accepted Solution

by:
Nukfror earned 400 total points
ID: 17836859
You should enable BSM for this.  Just google for "solaris bsm login audit" and you'll find all kinds of stuff.  An example is here:

http://www.deer-run.com/~hal/sysadmin/SolarisBSMAuditing.html
0
 
LVL 38

Assisted Solution

by:yuzh
yuzh earned 100 total points
ID: 17838759
Agreed with  Nukfror use BSM for the job, have a look at the following docs about BSM, to learn more:
http://www.boran.com/security/sp/Solaris_bsm.html
http://www.securityfocus.com/infocus/1362
http://abelew.web.wesleyan.edu/bsmaudit1.html
http://docs.sun.com     -- Search for BSM

0
 
LVL 9

Author Comment

by:ParadiseITS
ID: 17842093
So, to break down the BSM tool...    the document Nukfor sent seems to sum it up... so here is my understanding...  can anyone clarify if I've got it before I try it?


run the audit_startup script
then I can edit (using vi??) the audit_control file to:

dir:/var/audit
minfree:20
flags:lo
naflags:lo


and this will grab all login activity?

My thoughts were to setup a cron job to do the audit -n then archive the resulting logs off the server...  is this a sound plan?  Or am I missing something??

0
 
LVL 9

Author Comment

by:ParadiseITS
ID: 17842217
check that.. I meant run the bsmconv.. not audit_startup
0
 
LVL 9

Author Comment

by:ParadiseITS
ID: 17842672
I'm going to go ahead and close this, I have it working on my Virtual Machine so it's good enough to close the question -- thanks!
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Virtualizing TAPE on dual VIOS 3 78
building a service to accessed via telnet client, want colors ? 4 83
Oracle Finace 3 67
Bash Script to Analyze Oracle Schemas 11 84
Hello fellow BSD lovers, I've created a patch process for patching openjdk6 for BSD (FreeBSD specifically), although I tried to keep all BSD versions in mind when creating my patch. Welcome to OpenJDK6 on BSD First let me start with a little …
Installing FreeBSD… FreeBSD is a darling of an operating system. The stability and usability make it a clear choice for servers and desktops (for the cunning). Savvy?  The Ports collection makes available every popular FOSS application and packag…
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now