Suggestion for auditd set-up

Posted by JVerstry on Server Fault See other posts from Server Fault or by JVerstry
Published on 2011-03-05T18:32:39Z Indexed on 2011/03/06 0:12 UTC
Read the original article Hit count: 421

Filed under:
|
|
|

Hi,

I am trying to learn about securing a Linux box (I am using Ubuntu). Auditd is recommended for monitoring activities on the node. I have managed to install it, but I can't find much information about proper set-up to secure my node.

How should I set-up auditd to make my node more secure? What should I monitor? Why? I am looking for set-up examples and recommendation from experienced administrators.

Thanks!

© Server Fault or respective owner

Related posts about linux

Related posts about ubuntu