Honeypots mailing list archives

RE: Sebek like tool on Solaris?


From: "Bojan Zdrnja" <Bojan.Zdrnja () LSS hr>
Date: Sun, 22 Jun 2003 15:20:55 +1200

One of the most famous keylogging solutions on Solaris is definitely
tty-watcher by En Garde Systems.

You can find it at:

http://www.engarde.com/software/

I don't know how it will scale on newer Solaris versions because I used it last
time on Solaris 2.6, so you might have some problems making it work on the latest
Solaris versions.

My colleague and I also wrote a part which enabled it to log everything on
a remote host, by sending data through encrypted UDP packets, as well as
logging on the local host. In addition, we wrote a player utility which can
play those logs.

If you need that, let me know, I can probably dig out those rusty sources
somewhere - only be aware that I didn't work on newer Solaris than 2.6 with
that.

Best regards,

Bojan Zdrnja

-----Original Message-----
From: Richard Stevens [mailto:mail () richardstevens de] 
Sent: Thursday, 19 June 2003 12:43 a.m.
To: honeypots () securityfocus com
Subject: Sebek like tool on Solaris?


Hi,

are there any good keylogging solutions to deploy on Solaris targets?

Thanks,

Richard


