From owner-freebsd-security@FreeBSD.ORG  Tue Jan  1 22:55:48 2008
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 523AF16A420
	for <freebsd-security@freebsd.org>;
	Tue,  1 Jan 2008 22:55:48 +0000 (UTC)
	(envelope-from jchambers@ucla.edu)
Received: from smtp-14.smtp.ucla.edu (smtp-14.smtp.ucla.edu [169.232.46.250])
	by mx1.freebsd.org (Postfix) with ESMTP id 1F2AA13C4E1
	for <freebsd-security@freebsd.org>;
	Tue,  1 Jan 2008 22:55:48 +0000 (UTC)
	(envelope-from jchambers@ucla.edu)
Received: from mail.ucla.edu (mail.ucla.edu [169.232.46.158])
	by smtp-14.smtp.ucla.edu (8.14.2/8.14.2) with ESMTP id m01MLhlH008874; 
	Tue, 1 Jan 2008 14:21:43 -0800
Received: from rome.local (ip8061f526.host.ucla.edu [128.97.245.38])
	(authenticated bits=0)
	by mail.ucla.edu (8.13.8/8.13.8) with ESMTP id m01MLgso028370
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT);
	Tue, 1 Jan 2008 14:21:43 -0800
Message-ID: <477ABD07.3020102@ucla.edu>
Date: Tue, 01 Jan 2008 14:21:59 -0800
From: Jason Chambers <jchambers@ucla.edu>
Organization: UCLA
User-Agent: Thunderbird 2.0.0.9 (Macintosh/20071031)
MIME-Version: 1.0
To: Anjang Aki <mailman.msc@gmail.com>
References: <bcd996c30801011144w431ad591mbcdac9711732ac3e@mail.gmail.com>
In-Reply-To: <bcd996c30801011144w431ad591mbcdac9711732ac3e@mail.gmail.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
X-Probable-Spam: no
X-Spam-Report: none
X-Scanned-By: smtp.ucla.edu on 169.232.46.250
Cc: freebsd-security@freebsd.org
Subject: Re: Tracking user's activity
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Security issues \[members-only posting\]"
	<freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 01 Jan 2008 22:55:48 -0000

Old, but good.

/usr/ports/security/snoopy/pkg-descr

snoopy is merely a shared library that is used as a wrapper
to the execve() function provided by libc as to log every call
to syslog (authpriv).  system administrators may find snoopy
useful in tasks such as light/heavy system monitoring, tracking other
administrator's actions as well as getting a good 'feel' of
what's going on in the system (for example apache running cgi
scripts).

WWW: http://sourceforge.net/projects/snoopylogger/



Anjang Aki wrote:
> Greetings,
>
> I've been looking for a proper way to to track down user's activity
> inside the shell as I'm helping my colleague to configure a web
> hosting and shell hosting server.
>
>