Security Basics mailing list archives
Re: Auditing / Logging
From: Frank Knobbe <frank () knobbe us>
Date: Tue, 13 Jan 2004 11:16:30 -0600
On Mon, 2004-01-12 at 17:17, Don Parker wrote:
Well, you raise a valid point as to the commands not being logged. Again I would prefer simplicity, so just install a keylogger. There is no need to overcomplicate things. Though a keylogger will not work on most *nix systems to my knowledge.
Don't even have to do that. Have you never heard of a 'snoop' device? You can just snoop/watch the tty session you are using for your tests and redirect it to a file. On BSD systems you can use: watch -o ttyXX > logfile Cheers, Frank
Attachment:
signature.asc
Description: This is a digitally signed message part
Current thread:
- Re: Auditing / Logging Don Parker (Jan 12)
- Re: Auditing / Logging R. DuFresne (Jan 12)
- <Possible follow-ups>
- Re: Auditing / Logging Don Parker (Jan 12)
- RE: Auditing / Logging eeefm (Jan 13)
- Re: Auditing / Logging Frank Knobbe (Jan 13)
- Re: Auditing / Logging Mike Hoskins (Jan 13)
- RE: Auditing / Logging Rob Shein (Jan 19)
- *warning* student question Aaron Scribner (Jan 19)
- RE: *warning* student question David Gillett (Jan 20)
- RE: *warning* student question Aaron Scribner (Jan 20)
- Re: *warning* student question Karma (Jan 20)
- RE: Auditing / Logging Steve Armstrong (Jan 19)
- RE: Auditing / Logging Rob Shein (Jan 19)