How to keep a detailed audit trail of what’s being done on your Linux systems
Wednesday, November 15, 2006
Intrusions can take place from both authorized (insiders) and unauthorized (outsiders) users. My personal experience shows that unhappy user can damage the system, especially when they have a shell access. Some users are little smart and removes history file (such as ~/.bash_history) but you can monitor all user executed commands.Very useful in all types of environments. Check it out! Read more @ NixCraft.