01-29-04 10:37 AM
"obrienje1" <obrienje1@boeing.com> wrote in message
news:40190D97.1294A83F@boeing.com...quote:
> Hi,
> I am trying to set up c2 security on an Alpha server running Digital
> Unix 4.0F. I have the security software installed and I turned on
> enchanced security. The problem I am having is that I am getting
> unpredictable results when I set up security auditing and try to
> generate reports. I think there is something wrong with my security
> setup. I do not have the auditconfig command. I set up security using
> the audit_setup command, which kind of worked. It did not set up the
> /etc/sec/fs_objects file so I cannot audit any particular files. I set
> up auditmasks vi the dxaudit utility, but the results are not as
> expected and I lose settings upon reboots.
> I think I'm missing something and I keep going in circles.
> I have the enhanced security software subsets configured and loaded in
> my kernel.
>
> # setld -i | grep -i s2sec
> OSFC2SEC440 installed C2-Security (Systems administration)
> OSFXC2SEC440 installed C2-Security GUI (Systems Administration)
>
> Any ideas?
> Thanks,
> John
>
> john.e.obrien3@boeing.com
First, check out the information on the Audit subsystem in the V4.0F
Security manual. It should help a lot. The auditmask man page
may help some, too.
I don't think that object selection (which you need to audit specific
files) was available in V4.0F, looking at the Security manual should
confirm or deny this.
For the auditmask changes to persist over reboots, the auditmask
information has to be set properly in the /etc/rc.config file.
Ann
[ Post a follow-up to this message ]
| 
