SecurityPortal: Ask Buffy - Logging root commands, xinetd, bcc e-mail tracking

"Are there any programs available for Solaris and Linux boxes to log all sessions in a root shell? Something just like what "sudo" does whenever its sudoers execute root commands, but for the root account?"

"With the recent migration of Red Hat to xinetd vs. the older inetd, how does the 'traditional' method of using tcp_wrappers (via /etc/hosts.deny and hosts.allow) come into play? It seems that xinetd provides a lot of the abilities that tcp_wrappers does/did. Assuming that the rules in xinetd and the hosts.* files conflicted, which would have precedence and why?"

"Recently, at my work, several employees were accidentaly emailed a confidential email that was bcc'ed to them. Is it possible to find out everyone that was bcc'ed on the email, without looking in the senders sent items or looking on the Exchange serever?"

Complete Story

Related Stories:

• SecurityPortal: Ask Buffy - After an Attack; Firewalls and Intrusion Detection; SSL; lpd.(Apr 26, 2001)
• SecurityPortal: Ask Buffy - ports; log search tools, DNS - UDP or TCP (Apr 12, 2001)
• Security Portal: Ask Buffy: Strange log entries; LDAP; Nessus; SSL; and restricting VPN access.(Apr 05, 2001)
• Security Portal: Ask Buffy - Unencrypted TCP Logging Application and Hiding the Web Server Identity(Mar 29, 2001)
• Security Portal: Ask Buffy - Mysterious Files In Linux /tmp Directory and Log Analyzer for Firewall(Mar 08, 2001)