-
![thumbnail]()
-
![thumbnail]()
-
![thumbnail]()
-
![thumbnail]()
-
![thumbnail]()
-
![thumbnail]()
-
Getting Credential Reports for Your AWS Account - AWS Identity and Access Management
September 21, 2016 at 11:16:54 AM GMT+2 - permalink -To generate a report
- :
In addition to using credential reports, you can also determine when a password or access key was last used by using these IAM APIs:
ListUsers (AWS CLI command: aws iam list-users)
GetUser (AWS CLI command: aws iam get-user)
GetAccessKeyLastUsed (AWS CLI command: aws iam get-access-key-last-used)
-
http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_getting-report.html
-
enaqx/awesome-pentest · GitHub
January 18, 2015 at 2:25:45 PM GMT+1 - permalink -A collection of awesome penetration testing resources, tools and other shiny things
-
https://github.com/enaqx/awesome-pentest
-
linux - Is it possible to get OpenSSH to log the public key that was used in authentication? - Server Fault
December 23, 2014 at 5:15:21 PM GMT+1 - permalink -Je préfère cette solution, à savoir passer sshd en VERBOSE.
L'autre solution consiste à utiliser environment dans le fichier authorized_keys puis à écrire dans un fichier (à l'aide de .bashrc par exemple). Mais l'utilisateur peut modifier ce fichier..
ssh-keygen -lf /path/to/public_key_file
-
http://serverfault.com/questions/291763/is-it-possible-to-get-openssh-to-log-the-public-key-that-was-used-in-authenticat
-
![thumbnail]()
User Statistics — Percona Server 5.5 Documentation
July 10, 2014 at 4:50:49 PM GMT+2 - permalink -Peut servir pour auditer les comptes utilisés
-
http://www.percona.com/doc/percona-server/5.5/diagnostics/user_stats.html?id=percona-server:features:userstatv2
-
How to log history and logins from multiple ssh-keys under one user account | Screenage
May 14, 2014 at 5:22:59 PM GMT+2 - permalink -Une astuce utile pour faire un audit des connexions par clé sur un compte (quand on a plusieurs personnes avec des clés différentes qui accèdent au meme user)
Implémentation rapide :
!/bin/bash
#On convertit le authorized_keys pour ajouter la variable d'env
cp ~/.ssh/authorized_keyz ~/.ssh/authorized_keyz.ORIGINAL
IFS=$'\n'
for line in $(cat .ssh/authorized_keys)
do
comment=$(echo $line|cut -d' ' -f3)
echo "environment=\"SSH_USER=$comment\" $line" >> ~/.ssh/authorized_keyz.COMMENT
donecp ~/.ssh/authorized_keyz.COMMENT ~/.ssh/authorized_keyz
Puis dans le bashrc de l'user, ajouter ça :
if [ "$SSHUSER" != "" ]; then
now=$(date +%Y-%m-%d%H-%M-%S)
echo $now : User $SSH_USER logged in >> ~/ssh-audit.log
fi
-
http://www.screenage.de/blog/2012/02/10/how-to-log-history-and-logins-from-multiple-ssh-keys-under-one-user-account-with-puppet/
