Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: need bash script Intrusion Detection on Linux
Top Forums Shell Programming and Scripting need bash script Intrusion Detection on Linux Post 302423003 by Yogesh Sawant on Thursday 20th of May 2010 02:23:21 AM
Old 05-20-2010
check if this is what you are looking for
https://www.unix.com/security/111034-bash-auditing.html
turning auditing on AIX 4.3
 

8 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

Linux distro from bash script

hello ALL, I wander, is there an easy way to get information which linux distro and its version a script runs on? I'm looking for a function like getDistroInfo(), which would return strings like "Ubuntu7.10" or "SLES10" or "RHEL5" etc. uname returns lots of stuff, but distro info.... (1 Reply)
Discussion started by: Samtim74
1 Replies

2. UNIX for Advanced & Expert Users

boot up detection for linux

Hello, I was wondering is there a specific process I could look for to tell if my suse linux machine is still booting up. I have a monitor process and it's detecting problems with processes because I think the machine is still booting up and has yet to start everything up. Thanks for any help. (2 Replies)
Discussion started by: benefactr
2 Replies

3. Cybersecurity

Intrusion Detection - System Call Introspection

can u give me a code for host based intrusion detection using system call introspection... (5 Replies)
Discussion started by: aravind007
5 Replies

4. Shell Programming and Scripting

A simple intrusion detection script

If you have a very static Linux server and you want to make sure it's not messed with, here's a simple script that will tell you if any files have been tampered with. It's not as fancy or as secure as tripwire or those others, but it is very simple. It can be easily adapted to any *NIX OS. ... (3 Replies)
Discussion started by: otheus
3 Replies

5. Shell Programming and Scripting

Help with linux bash script

Hello everybody! This is my first time having to write a script so your help is most appreciated.Also i am a beginner when it comes to linux so please bare with me.Thanks in advance to all who will look into this for me. I have to write a bash script that will show the free space on the hard... (4 Replies)
Discussion started by: manike
4 Replies

6. Shell Programming and Scripting

key detection in a script

Heloo every one I want to write a script that detects a key press and mouse click and movement,but I dont know how. The second one is I want to run myscript without writing the shell ie not "sh script.sh" but "script.sh" Can you help me out of here? Thanks in advance. (9 Replies)
Discussion started by: enoch99
9 Replies

7. Programming

Parallel Processing Detection and Program Return Value Detection

Hey, for the purpose of a research project I need to know if a specific type of parallel processing is being utilized by any user-run programs. Is there a way to detect whether a program either returns a value to another program at the end of execution, or just utilizes any form of parallel... (4 Replies)
Discussion started by: azar.zorn
4 Replies

8. Shell Programming and Scripting

Automating BitTorrent traffic detection via bash

Hi all, Earlier today, I read an article on how to detect BitTorrent traffic using tshark (the cli version of Wireshark). I wanted to have a go at creating a simple script, that when BitTorrent packets are detected the network connection will be throttled. The thing is that I am not great at... (1 Reply)
Discussion started by: ShrewNet
1 Replies

LEARN ABOUT HPUX

audwrite

audwrite(2)							System Calls Manual						       audwrite(2)

NAME

       audwrite() - write an audit record for a self-auditing process

SYNOPSIS

DESCRIPTION

       is  called  by  self-auditing processes, which are capable of turning off the regular auditing using the system call (see audswitch(2)) and
       doing higher-level auditing on their own.  is restricted to users with the privilege.

       checks to see if the auditing system is on and the calling process and the event specified are being audited.  If these conditions are met,
       writes  the  audit  record  pointed to by audrec_p into the audit trail.  The record consists of an audit record body and a header with the
       following fields:

	      /* Date/time (tv_sec of timeval) */
	      /* Process ID */
	      /* Success/failure */
	      /* Event being audited */
	      /* Length of variant part */

       The body contains additional information about the high-level audit event.  The header fields and are specified	by  the  calling  process.
       fills  in  and fields with the correct values.  this is done to reduce the risk of forgery.  Beginning with 11i version 3 release, converts
       the record into a different format before writing it into the current audit trail.

   Security Restrictions
       Some or all of the actions associated with this system call require the privilege.  Processes owned by the superuser have  this	privilege.
       Processes  owned  by  other users may have this privilege, depending on system configuration.  See privileges(5) for more information about
       privileged access on systems that support fine-grained privileges.

RETURN VALUE

       If the write is successful, a value of is returned.  Otherwise, a value of is returned and is set to indicate the reason for the failure.

ERRORS

       fails if one of the following is true:

	      The caller does not possess the
			     privilege.

	      The event number in the audit record is invalid.

WARNINGS

       If causes a file space overflow, the calling process might be suspended until the file space is cleaned up.  However, a returned call  with
       the return value of indicates that the audit record has been successfully written.

AUTHOR

       was developed by HP.

SEE ALSO

       audswitch(2), audit(4), privileges(5).

																       audwrite(2)
All times are GMT -4. The time now is 02:05 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy