| Title: | -={ H A C K E R S }=- |
| Notice: | Write locked - see NOTED::HACKERS |
| Moderator: | DIEHRD::MORRIS |
| Created: | Thu Feb 20 1986 |
| Last Modified: | Mon Aug 03 1992 |
| Last Successful Update: | Fri Jun 06 1997 |
| Number of topics: | 680 |
| Total number of notes: | 5456 |
Any neat little tricks (traps) out there for knowing when
someone is messing around in your account????? This person
has priv's, and the EXPIRED date field is NOT active on this
cluster.
| T.R | Title | User | Personal Name | Date | Lines |
|---|---|---|---|---|---|
| 343.1 | alarm ACE's? | FROST::HARRIMAN | knees are wierd | Wed Oct 29 1986 16:05 | 15 |
Set ACLs with ALARM ACE's, look for either SUCCESS or FAILURE -
your choice...
Either that or set auditing for use of the BYPASS or SYSPRV privs
to successfully access something...
note - you can only do this if you are a system mangler or you are
on good terms with the system mangler...
Look in Volume 4A of the VAX/VMS manuals under Access Control List
Editor, or the guide to system security on VMS.
/pjh
| |||||
| 343.2 | SECPACK does it now! | SEDSWS::KORMAN | TGIF | Mon Nov 03 1986 05:41 | 10 |
Securpack has some good utilities for sorting out file access alarms - you could ask you system mangler to give you a copy of SECPACK_REPORT_SECURITY.COM and modify it to suit. You will also need READALL priv or an ACL that allows you to access OPERATOR.LOG using BACKUP/IGNORE=OVER. I use this method successfully as a self-resubmitting batch job that runs each day at 23.45 hours. Dave K | |||||