On Friday 19 October 2007 08:48:05 Adam Pribyl wrote: > > # rsyslog > > # auditd > > This I would like to have more explained. For want purpose you should run > irqbalance on system with minimum devices, auditd on system without > selinux (which I recommend to switch off on system with slow cpu and low > memory). The audit daemon is the collector of all security events - even without selinux installed or enabled. You may want to see failed logins, failed authentication attempts, who's been adding accounts, programs that are segfaulting, who's opening raw sockets, etc. Also, even on small memory systems, selinux is beneficial. The policy does not take that much memory in the kernel. -Steve -- fedora-test-list mailing list fedora-test-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-test-list
