Re: Sebek y and z

[Edward Balas <ebalas () iu edu>]

On Feb 4, 2004, at 10:14 AM, Rick S. wrote:

> I notice that Sebek does not pick up on the 'y' and 'z' characters. Am 
> I
> doing something wrong?

This was a bug in an older version of sbk_ks_logl.pl.  I have just 
reconfirmed that this bug is not currently present in the 2.1.6 version 
of sbbk_ks_log.pl.  From
the looks of it I would speculate that you are running al old version 
of the script.

> setup:
> 2.4.24 kernel
> Sebek-server-2.1.6 (port 747)
> Sebek-2.1.5 (port 747)
>
> server command:
> sbk_extract -i eth0 -p 747 | sbk_ks_log.pl
>
>
> second question.
> in sbk_install.sh, for KEYSTROKE_ONLY when set to 0 what else does it
> send?

Sebek is not just a keystroke logger, it has the ability to capture all 
sys_read activity.  By setting this option to 0 you are telling sebek 
to record all read data.  For instance if you want to recover files 
copied with scp you would need to set KEYSTROKES_ONLY to 0 and use the 
available web interface which supports this capability.


> Rick S.