Using auditing on your system
Auditing keeps detailed records of system usage, enabling you to determine
if any tampering has occurred (attempted or successful).
However, auditing can require additional supervision and disk space,
depending on how long it is enabled.
It can also have a significant impact on performance, depending on the
events being audited.
For more information, see the Audit documentation on the
Security
documentation page.
NOTE:
It is not necessary to keep auditing enabled. It can
be a useful tool if tampering is suspected. Because most systems calls
are recorded when auditing is enabled, it is also an excellent
program debugging tool.
Next topic:
Protecting the data on your system
Previous topic:
Restricting root logins to a specific device
© 2005 The SCO Group, Inc. All rights reserved.
SCO OpenServer Release 6.0.0 -- 03 June 2005