|
-
February 25th, 2003, 01:48 PM
#1
Junior Member
 Logging all commands
Good Afternoon Everyone.
As most are aware, on the majority of *Nix Systems, all accounts have a history file that logs what they type.
The problem I have with this, is that certain users connect, then SU to other users, and issue commands. History does not differentiate between those that logged in as the account and those that su-ed to the account.
Is there any way of logging these?
Can a connection history be logged to one file, no matter if they su-ed to another account?
Any help, suggestions, tips are most welcome.
Thanks
Pink ribbon scars, That never forget
I tried so hard, To cleanse these regrets
My angel wings, Were bruised and restrained
My belly stings
-
February 25th, 2003, 02:01 PM
#2
I don't think that can be done..
But then again.. what do I know 
ASCII stupid question, get a stupid ANSI.
When in Russia, pet a PETSCII.
Get your ass over to SLAYRadio the best station for C64 Remixes !
-
March 19th, 2003, 09:56 AM
#3
Junior Member
not by default.. although you could code an LKM to log keys pressed, but this is messy. when a user su's to another account, the history will go into that account's history file.
-
March 19th, 2003, 10:12 AM
#4
you can use keylogger if your want. try www.invisblekeylogger.com
-
March 19th, 2003, 11:22 AM
#5
Actually, there is something that's being used by the HoneyNet Project. And it's a special bash shell keylogger.
This patch relies on syslogd.
http://www.honeynet.org/papers/honey...ols/bash.patch
This second patch doesn't. The keystrokes can be sent elsewhere via UDP, ensuring that if the localhost's syslog get's pooched there still is a record of activity.
http://www.honeynet.org/papers/honey...sh-anton.patch
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote
