From owner-freebsd-security  Tue Jul 17  4: 5:19 2001
Delivered-To: freebsd-security@freebsd.org
Received: from cobweb.example.org (ams-clip-nat-ext1.cisco.com [64.103.37.2])
	by hub.freebsd.org (Postfix) with SMTP id C4E3937B403
	for <freebsd-security@freebsd.org>; Tue, 17 Jul 2001 04:05:06 -0700 (PDT)
	(envelope-from molter@tin.it)
Received: (qmail 3253 invoked by uid 1000); 17 Jul 2001 11:06:42 -0000
Date: Tue, 17 Jul 2001 13:06:42 +0200
From: Marco Molteni <molter@tin.it>
To: Artur Meski <glash@freebsd.net.pl>
Cc: freebsd-security@freebsd.org
Subject: Re: Exec logging, FreeBSD Kernel Module.
Message-ID: <20010717130642.A3183@cobweb.example.org>
References: <20010717123422.A97994@rapid.black.pl>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <20010717123422.A97994@rapid.black.pl>; from glash@freebsd.net.pl on Tue, Jul 17, 2001 at 12:34:22PM +0200
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

On 2001-07-17, Artur Meski wrote:
> Hi.
> 
> I'm looking for FreeBSD Kernel Module, which will log all executed commands 
> by users. Could somebody help me?

Artur, have a look at this. 

Marco

--------- begin forwarded message


Date: Wed, 11 Jul 2001 01:40:17 +0200 (CEST)
From: Andrzej Bialecki <abial@webgiro.com>
To: freebsd-hackers@freebsd.org
Subject: [ANNOUNCE] SPY-1.1 - syscall monitoring kernel module

Hi,I just uploaded an updated version of the SPY, which is a kernel module
that allows to selectively monitor and/or block execution of any
syscalls. This version works on relatively current -CURRENT (after the
struct proc changes). You can get it from:

        http://people.freebsd.org/~abial

See also the detailed description there.

I should be able also to provide a version for 4-STABLE soon, depending on
my time and availability of the machine...

Enjoy!

-- 

Andrzej

// ----------------------------------------------------------------
// Andrzej Bialecki <abial@webgiro.com>, Chief System Architect
// WebGiro AB, Sweden (http://www.webgiro.com)
// ----------------------------------------------------------------
// <abial@freebsd.org> FreeBSD developer (http://www.freebsd.org)


-------------- end forwarded message

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message