Auditing in Solaris 10
Dr. Ruediger Riediger
SunCERT / IT Security Monitoring
Sun Microsystems GmbH
Logging
• crontab -l root
30 22 * * 4 /usr/lib/acct/dodisk
UID NAME PRIME NPRIME PRIME NPRIME PRIME NPRIME BLOCKS PROCS SESS SAMPLES
1 daemon 0 0 0 0 0 0 24 0 0 2 0
2 bin 0 0 0 0 0 0 756 0 0 2 0
5 uucp 0 0 0 0 0 0 3416 0 0 2 0
25 smmsp 0 0 0 3 0 0 8 151 0 2 0
50 gdm 0 0 0 0 0 0 4 0 0 2 0
COMMAND   NUMBER  TOTAL        TOTAL    TOTAL     MEAN      MEAN     HOG     CHARS        BLOCKS
NAME      CMDS    KCOREMIN     CPU-MIN  REAL-MIN  SIZE-K    CPU-MIN  FACTOR  TRNSFD       READ
TOTALS    20380   16290228.00  192.25   14797.36  84735.67  0.01     0.01    40018702336  385812
imapd-20  464     24877.94     2.71     4118.54   9180.62   0.01     0.00    5853976576   42724
/usr/sbin/audit -n
/usr/bin/sleep 1
...