MDS Admin Audit

One thing auditors want to know is which MDS admins have access to what and how has that changed over time. Yeah you could use the GUI, but easier to just dump them to text and send email.

Well, its not perfect, but here is a perl script that will text dump MDS users and their permissions. I want to modify it to print in CSV and show the deltas. Work in progress.

Admin Audit Perl Script

Had this for years and used it recently.

Sooooo….wait no longer, the Admin Audit perl script is here:

  1.  Retrieve the $MDSDIR/conf/mdsdb/cp-admins.C file
  2. Put on local system where you have perl running
  3. ./cp-audit.pl cp-admins.C
  4. Waaaaala

dreez

 

Advertisements
Post a comment or leave a trackback: Trackback URL.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

blog.lachmann.org

Michael Endrizzi's - St. Paul MN - CheckPoint blog on topics related to Check Point products and security in general.

%d bloggers like this: