Install and Enable auditd Service (Scored) Install and turn on the auditd daemon to record system events.

The capturing of system events provides system administrators with information to allow them to determine if unauthorized access to their system is occurring. Fix: Install auditd: # apt-get install auditd If needed create proper start links for auditd in /etc/rc*.d by running the following command from each of the relevant directories: # ln -s ../init.d/auditd S37auditd Start links should be created for run levels 2, 3, 4, and 5.