files modified ?
Can anybody create a command/script which consists of log events of all commands executed or files modified by any host ,say 188.8.131.52, and the output of that command is redirected to any log file . I donot know much abt advanced linux commands or scripting .
find /etc -mtime -10 >/change.log
it redirects all files modifed since last 10 min. to change.log file but pl modify it so that i can log all events ,which are executed by remote host , in this file so that i could be able to know which files are modified by unknown hosts or anybody else.
I know about tripwire or AIDE. but there must be any way else to do this