user priviledge escalation
I'm using redhat linux 6.1, I find new user tianbu created two weeks ago, I suspect the linux server is compromised by this user with root right, how can we track any priviledge escalation by this user? any history can be tracked?
|
you should be able to provide much more information than this, and consequently at least half answer your own querstion.
please read the first link in my signature. |
logging users actions, then reading them or the log(s). simple as that.
|
All times are GMT -5. The time now is 02:38 AM. |