[hobbit] monitoring etc passwd
dOCtoR MADneSs
doctor at makelofine.org
Wed Jul 8 13:48:02 CEST 2009
Shaun Phillips a écrit :
> If you do monthly root password changes this is going to send your
> entire estate red surely as the MD5 will change?
>
> On Wed, Jul 8, 2009 at 9:02 AM, dOCtoR MADneSs <doctor at makelofine.org
> <mailto:doctor at makelofine.org>> wrote:
>
> rsmrcina at wi.rr.com <mailto:rsmrcina at wi.rr.com> a écrit :
>
> Gavin,
>
> Use the FILE client check to determine and possibly alert when a
> file (/etc/passwd) has been changed.
>
> ---- Gavin Leonard <gleonard at progrexion.com
> <mailto:gleonard at progrexion.com>> wrote:
>
> Hi All,
> I am having a problem where users and groups
> are being created without the knowledge of the admin team
> and its making it difficult to know who had access to what
> systems if they leave the company... is there a way for
> hobbit to tell me when the /etc/passwd or /etc/group files
> change? Thanks in Advance..
>
> -Gavin
>
>
>
>
>
> To unsubscribe from the hobbit list, send an e-mail to
> hobbit-unsubscribe at hswn.dk <mailto:hobbit-unsubscribe at hswn.dk>
>
>
> Hi,
>
> In client-local.cfg :
> [your_host]
> file:/etc/passwd
> in hobbit-clients.cfg :
> HOST=your_host
> FILE /etc/passwd red MD5=9780JNLKNoiulknaée2
>
> Those settings should do exactly what you need
>
>
> To unsubscribe from the hobbit list, send an e-mail to
> hobbit-unsubscribe at hswn.dk <mailto:hobbit-unsubscribe at hswn.dk>
>
>
>
Yes, of course every authorized changes in /etc/passwd MD5sum must be
passed to hobbit-clients.cfg
More information about the Xymon
mailing list