Security Basics mailing list archives
Re: login session transcript
From: Jonathan Loh <kj6loh () yahoo com>
Date: Wed, 29 Sep 2004 13:45:41 -0700 (PDT)
First off let me reiterate. You should seriously rethink your decision. But if you must, then consider logging to a second machine. A machine that is not important, since this would also lead to a possible compromise of that machine. But, remember you are giving root away, so they can easily redirect the logs from your server somewhere else other than the second machine. --- "Jonathan C. Detert" <detertj () msoe edu> wrote:
Hello, I need to give a vendor shell access to a freeBSD system I run, and worse yet, I need to give them root access. I want to know everything the vendor does while logged in. I'm thinking of making the vendor's login shell be 'script -q -a <somefilename>' but : a) i don't want the vendor to be able to delete the logfile b) it would be nice if the vendor wouldn't know his activity was being logged Does anyone have a better suggestion for me than to use script? Does anyone have an idea how to address points a) and b) ? Thanks -- Happy Landings, Jon Detert IT Systems Administrator, Milwaukee School of Engineering 1025 N. Broadway, Milwaukee, Wisconsin 53202
__________________________________ Do you Yahoo!? New and Improved Yahoo! Mail - 100MB free storage! http://promotions.yahoo.com/new_mail
Current thread:
- login session transcript Jonathan C. Detert (Sep 29)
- RE: login session transcript Alexandre Skyrme (Sep 30)
- Re: login session transcript Zachary Shay (Sep 30)
- Re: login session transcript Fabio Miranda Hamburger (Sep 30)
- Re: login session transcript xyberpix (Sep 30)
- Re: login session transcript Jonathan Loh (Sep 30)
- <Possible follow-ups>
- Re:login session transcript Ghaith Nasrawi (Sep 30)