Vulnerability Development mailing list archives
Re: History Files
From: perly () XNET COM (Perly)
Date: Wed, 19 Apr 2000 16:38:50 -0500
The updated version (which fixes the repeaded argument bug) is available at www.xnet.com/~perly/exec.c ------------------------------------------------------------------------------- -= Perly < perly () xnet com > =- C maniac & BOFH int main() { return main(); } On Tue, 18 Apr 2000, George Dodd wrote:
There is a kernel module for Linux written by perly () xnet com that logs all commands executed on the system through syslog. Works very well for those of us that dont mind huge logfiles. Im not sure of the website where I found it though... George Dodd gdd () siliconinc net chris () STRICTLY NOSUCKAZ NET wrote:Okay, all this talk about bofh, and nobody has mentioned the easiest method of doing this, which is not new to linux and provides excellent accounting on what your users are doing, I'm not sure if this saves argv[1-x] but I think it does somehow, the base accounting log is enough. Turn on 'BSD Process Accounting' in your kernel and get the bsd process accounting package for your linux distribution. Now with the simple command: lastcomm, you see everything. The only other 'secure' way I can think of doing this, that would achieve the best results without using cludgy scripts or a massive overhead on some 'tail' process hanging off every shell's stdin fd, is have your shells patched to dump all input to a file or something. Process Accounting rocks though, I don't understand why your not using it already or why this wouldn't finish this thread. =) Chris. On Sat, 15 Apr 2000, audit wrote: `->Greeting's, `-> `->I admin a few Linux servers and have a question about user's .bash_history `->files. The users on the systems keep their history files but I would like `->to have what they type logged to /root/history/$user_history `->I know that this is not polite on my end or the other co-admin's but we `->need to know what our users are doing at all times. These are slackware `->boxes and some RedHat boxes. `-> `->Thanks `->
Current thread:
- Alternative to historyfile logging., (continued)
- Alternative to historyfile logging. Joel Eriksson (Apr 17)
- Re: History Files Joel Eriksson (Apr 17)
- Re: History Files spiff (Apr 18)
- Re: History Files Corwin J. Grey (Apr 16)
- Re: History Files Michael Jennings (Apr 16)
- Cooments on the dvwssr.dll vulnerability threads Iván Arce (Apr 17)
- Re: History Files Senior Systems Administrator - Kris W. (Apr 16)
- Re: History Files chris () STRICTLY NOSUCKAZ NET (Apr 15)
- quick dirty and most of all-easy process accounting via lkm Security Team (Apr 16)
- Re: History Files George Dodd (Apr 18)
- Re: History Files Perly (Apr 19)
- Re: History Files joyce (Apr 19)
- non-exec stack Lamagra Argamal (Apr 19)
- Weakness of static addr & MySQL database Tompkins, William A (Apr 20)
- Re: Weakness of static addr & MySQL database Jim Kinney (Apr 20)
- Re: History Files Jeff Bachtel (Apr 15)
- Re: History Files Ron DuFresne (Apr 15)
- Re: History Files Erik Fichtner (Apr 15)