tracking escalation

General (Technical, Procedural, Software, Hardware etc.)

Last Post by jolintan 7 years ago

1 Posts

1 Users

0 Reactions

398 Views

RSS

jolintan

(@jolintan)

Trusted Member

Joined: 7 years ago

Posts: 32

Topic starter 22/09/2018 9:22 am

platform is redhat linux 6.1, I find new user tianbu created two weeks ago, I suspect the linux server is compromised by this user with root right, how can we track any priviledge escalation log (time, logon ip)by this user? any history can be tracked?

Quote

8 Forums
15.7 K Topics
92.3 K Posts
216 Online
41.1 K Members

Forum Icons: Forum contains no unread posts Forum contains unread posts

Topic Icons: Not Replied Replied Active Hot Sticky Unapproved Solved Private Closed