From owner-freebsd-security Fri Aug 28 02:02:09 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id CAA21130 for freebsd-security-outgoing; Fri, 28 Aug 1998 02:02:09 -0700 (PDT) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from ns0.fast.net.uk (ns0.fast.net.uk [194.207.104.1]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id CAA21051 for ; Fri, 28 Aug 1998 02:02:00 -0700 (PDT) (envelope-from netadmin@fastnet.co.uk) Received: from na.nu.na.nu (bofh.fast.net.uk [194.207.104.22]) by ns0.fast.net.uk (8.9.0/8.8.7) with ESMTP id KAA15603 for ; Fri, 28 Aug 1998 10:01:05 +0100 (BST) Received: from na.nu.na.nu (bofh.fast.net.uk [194.207.104.22]) by na.nu.na.nu (8.8.8/8.8.8) with SMTP id KAA13513 for ; Fri, 28 Aug 1998 10:01:04 +0100 (BST) (envelope-from netadmin@fastnet.co.uk) Date: Fri, 28 Aug 1998 10:01:04 +0100 (BST) From: Jay Tribick X-Sender: netadmin@na.nu.na.nu To: security@FreeBSD.ORG Subject: Re: Shell history In-Reply-To: <199808280814.BAA07281@burka.rdy.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org | > | It won't tell you much. Not in its' current state. It would be a good idea | > | to extend acct to log everything, including program switches and (possibly) | > | some stuff from the enviroment. Also it would be a good idea to be able | > | to log information on per-user basis. | > | > Could we not modify the [kernel] to log all activity on the ttyp's to | > a file? | | Yeah. You'll need to modify telnetd/rlogind/sshd/etc to do it. Hmm.. when I said 'we' I didn't actually mean me included ;) Regards, Jay Tribick -- [| Network Administrator | FastNet International | http://fast.net.uk/ |] [| Finger netadmin@fastnet.co.uk for contact information |] [| T: +44 (0)1273 677633 F: +44 (0)1273 621631 e: netadmin@fast.net.uk |] To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message