[Gllug] Shutdown Stopped
Dean Wilson
dean.wilson3 at virgin.net
Sat Oct 19 15:04:17 UTC 2002
---- Original Message -----
From: "Walid Shaari" <walid at melinux.com>
> > retrive them from $UID but its handeled by a process that really is
root
> > (Doh! Should have realised that) so that fails.
> I have read somewhere that the honeynet project uses a customized bash
> to enable key logging, it is an overkill but it is one of the host
> security audit tools
Last time i looked at the honeynet project they had a nice little
arrangement where all bash commands were sent out via syslog to a hardened
syslog server as well as being locally logged so they had an off the box
record.
In this case i'll agree that its overkill. I'll just have to parse some
logs and work out who did it whenever it happens.
Dean
--
Profanity is the one language all programmers understand
--- Anon
--
Gllug mailing list - Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug
More information about the GLLUG
mailing list