From owner-freebsd-security Tue Jul 17 12:11: 8 2001 Delivered-To: freebsd-security@freebsd.org Received: from virtual-voodoo.com (virtual-voodoo.com [204.120.165.254]) by hub.freebsd.org (Postfix) with ESMTP id AA93D37B403 for ; Tue, 17 Jul 2001 12:10:51 -0700 (PDT) (envelope-from steve@virtual-voodoo.com) Received: from inlafrec (80.winstar.net [63.140.3.80] (may be forged)) (authenticated) by virtual-voodoo.com (8.11.4/8.11.4) with ESMTP id f6HJAel74107; Tue, 17 Jul 2001 14:10:40 -0500 (EST) (envelope-from steve@virtual-voodoo.com) Message-ID: <020f01c10ef3$db082370$50038c3f@eservoffice.com> From: "Steven Ames" To: , "jono@networkcommand.com" Cc: References: <20010717123422.A97994@rapid.black.pl> <20010717104227.A46090@networkcommand.com> <003401c10ef4$4b631bc0$f5c8a8c0@NATHAN> Subject: Re: Exec logging, FreeBSD Kernel Module. Date: Tue, 17 Jul 2001 14:08:25 -0500 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4522.1200 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Sure. However you have to have 'snp' devices configured into the kernel. device snp In 4.X that may read something more like: device snp 1 I don't remember. -Steve ----- Original Message ----- From: To: "jono@networkcommand.com" Cc: Sent: Tuesday, July 17, 2001 2:11 PM Subject: Re: Exec logging, FreeBSD Kernel Module. > > to reply to your last message.. i've never been able to get watch to work > properly. has anyone else? > > > ----- Original Message ----- > From: "Jon O ." > To: "Artur Meski" > Cc: > Sent: Tuesday, July 17, 2001 10:42 AM > Subject: Re: Exec logging, FreeBSD Kernel Module. > > > > See below: > > > > > > # man watch > > WATCH(8) FreeBSD System Manager's Manual > WATCH(8) > > > > NAME > > watch - snoop on another tty line > > > > SYNOPSIS > > watch [-ciotnW] [tty] > > > > DESCRIPTION > > Watch allows the superuser to examine all data coming through a > specified > > tty. Watch writes to standard output. > > > > > > > > # man snp > > SNP(4) FreeBSD Kernel Interfaces Manual > SNP(4) > > > > NAME > > snp - tty snoop interface > > > > SYNOPSIS > > #include > > > > > > > > > > On 17-Jul-2001, Artur Meski wrote: > > > Hi. > > > > > > I'm looking for FreeBSD Kernel Module, which will log all executed > commands > > > by users. Could somebody help me? > > > > > > -- > > > Artur Meski [glash@freebsd.net.pl] [tel +48606494552] > [http://glash.black.pl/] > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > > with "unsubscribe freebsd-security" in the body of the message > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-security" in the body of the message > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message