Update lnx_auditd_keylogging_with_pam_d.yml
adding missing uuid
This commit is contained in:
zakibro
@@ -1,5 +1,5 @@
|
||||
title: Linux Keylogging with Pam.d
|
||||
id:
|
||||
id: 49aae26c-450e-448b-911d-b3c13d178dfc
|
||||
description: Detect attempt to enable auditing of TTY input
|
||||
# -w /etc/pam.d/ -p wa -k pam - this rule will help you detect changes to the pam.d files- https://github.com/Neo23x0/auditd/blob/master/audit.rules
|
||||
# - the TTY events detection asumes that you do not expect them in your environment or add filtering on those users that you configured it for
|
||||
|
||||
Reference in New Issue
Block a user