Published at LXer:
Sarbanes-Oxley has forced many companies to start taking UNIX security seriously. Not a big deal. We all know how to secure a UNIX server: disable unnecessary network daemons; remove unnecessary software packages like compilers and debuggers; institute strict password and account parameters; and search and destroy world-writable files. The only thing that eludes us is how to secure and audit shell access. This is where Enterprise Audit Shell (EAS) comes in.