Distributed Audit / Log Shipping Daemon

The shipping daemon will deliver the audit trails generated on systems across the network to a master system, which will manage the trails so that auditing is centralized, easy to administer and practical. The administrator will have all the trails in one place and can perform the security audit on a single system (perhaps a system dedicated to keeping the audit data). Mechanisms such as SHA256 checksums and cryptographic features will be implemented to guarantee the integrity of the delivery system.

Work by Sergio Ligregni, mentored by Stacey Son.

Small timeline

Code the shipd daemon and modify auditd to call it when a trail is finalized.

Code the features of the shipd daemon that communicate with the master system, and code the master daemon that will receive the files. In this phase, the SHA256 checksum will be implemented (as well as file-listing comparison).

Do the master-side work, that is, receive the files and perform the appropriate pathing and the right naming (to prevent duplicates when errors occur).

Perform the mid-term prep testing.

Implement SSL in the network communication.

Perform the final testing.

Document the tool.
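The master-side steps in the timeline above (verify the SHA256 checksum, file the trail under a per-host path, and name it so a resend after an error does not create a duplicate) can be sketched as follows. This is an added example in Python, not the project's code; the function names, status strings, directory layout and the trail name used in testing are assumptions.

```python
import hashlib
import hmac
import os
import re
import tempfile

# Assumed naming rule: no '/', no leading dot, so '..' cannot escape the root.
SAFE = re.compile(r"[A-Za-z0-9][A-Za-z0-9._-]*")


def sha256_file(path):
    """Hash a stored trail in chunks so large trails are not read at once."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def store_trail(root, host, name, data, claimed_sha256):
    """Verify one shipped trail and file it; returns (status, path)."""
    if not SAFE.fullmatch(host) or not SAFE.fullmatch(name):
        return ("rejected-name", None)
    digest = hashlib.sha256(data).hexdigest()
    claimed = claimed_sha256.strip().lower()
    if not hmac.compare_digest(digest.encode(), claimed.encode()):
        return ("rejected-checksum", None)  # damaged or altered in transit
    host_dir = os.path.join(root, host)
    os.makedirs(host_dir, mode=0o700, exist_ok=True)
    dest = os.path.join(host_dir, name)
    if os.path.exists(dest):
        if sha256_file(dest) == digest:
            return ("duplicate", dest)      # resend after an error: keep one copy
        dest = f"{dest}.{digest[:12]}"      # same name, new content: keep both
        if os.path.exists(dest):
            return ("duplicate", dest)
    # Write to a temp file in the same directory, then rename atomically,
    # so a partially received trail is never visible under its final name.
    fd, tmp = tempfile.mkstemp(dir=host_dir, prefix=".incoming-")
    with os.fdopen(fd, "wb") as f:
        f.write(data)
        f.flush()
        os.fsync(f.fileno())
    os.replace(tmp, dest)
    return ("stored", dest)
```

A checksum sent alongside the file detects corruption and truncation; protection against deliberate modification in transit depends on the SSL channel listed later in the timeline.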

Status

The project is finished. It now includes:

The shipd daemon is working and has been tested in a small network. This daemon:

The damasterd daemon is working and has been tested in a small network. This daemon:

* SSL encryption

TO_DO:

Project's Perforce Repository (CODE)

SOC2010SergioLigregni (last edited 2010-09-04 01:53:52 by SergioLigregni)