From owner-freebsd-security Tue Jul 17 18:17:19 2001 Delivered-To: freebsd-security@freebsd.org Received: from prox.centtech.com (moat2.centtech.com [206.196.95.21]) by hub.freebsd.org (Postfix) with ESMTP id 401B037B405 for ; Tue, 17 Jul 2001 18:17:08 -0700 (PDT) (envelope-from anderson@centtech.com) Received: (from smap@localhost) by prox.centtech.com (8.9.3+Sun/8.9.3) id OAA05718; Tue, 17 Jul 2001 14:10:24 -0500 (CDT) Received: from sprint.centtech.com(10.177.173.31) by prox via smap (V2.1+anti-relay+anti-spam) id xma005640; Tue, 17 Jul 01 14:09:57 -0500 Received: from centtech.com (proton [10.177.173.77]) by sprint.centtech.com (8.9.3+Sun/8.9.3) with ESMTP id OAA05271; Tue, 17 Jul 2001 14:09:57 -0500 (CDT) Message-ID: <3B548D87.92EBEAD7@centtech.com> Date: Tue, 17 Jul 2001 14:09:59 -0500 From: Eric Anderson Reply-To: anderson@centtech.com Organization: Centaur Technology X-Mailer: Mozilla 4.77 [en] (X11; U; Linux 2.2.14-5.0smp i686) X-Accept-Language: en MIME-Version: 1.0 To: nathan@corp.wac.com Cc: "jono@networkcommand.com" , freebsd-security@freebsd.org Subject: Re: Exec logging, FreeBSD Kernel Module. References: <20010717123422.A97994@rapid.black.pl> <20010717104227.A46090@networkcommand.com> <003401c10ef4$4b631bc0$f5c8a8c0@NATHAN> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Did you compile the snp pseudo-devices into your kernel, and make the devices? Works great for me.. Eric nathan@corp.wac.com wrote: > > to reply to your last message.. i've never been able to get watch to work > properly. has anyone else? > > ----- Original Message ----- > From: "Jon O ." > To: "Artur Meski" > Cc: > Sent: Tuesday, July 17, 2001 10:42 AM > Subject: Re: Exec logging, FreeBSD Kernel Module. > > > See below: > > > > > > # man watch > > WATCH(8) FreeBSD System Manager's Manual > WATCH(8) > > > > NAME > > watch - snoop on another tty line > > > > SYNOPSIS > > watch [-ciotnW] [tty] > > > > DESCRIPTION > > Watch allows the superuser to examine all data coming through a > specified > > tty. Watch writes to standard output. > > > > > > > > # man snp > > SNP(4) FreeBSD Kernel Interfaces Manual > SNP(4) > > > > NAME > > snp - tty snoop interface > > > > SYNOPSIS > > #include > > > > > > > > > > On 17-Jul-2001, Artur Meski wrote: > > > Hi. > > > > > > I'm looking for FreeBSD Kernel Module, which will log all executed > commands > > > by users. Could somebody help me? > > > > > > -- > > > Artur Meski [glash@freebsd.net.pl] [tel +48606494552] > [http://glash.black.pl/] > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > > with "unsubscribe freebsd-security" in the body of the message > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-security" in the body of the message > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message -- ------------------------------------------------------------------------------- Eric Anderson anderson@centtech.com Centaur Technology (512) 418-5792 For every complex problem, there is a solution that is simple, neat, and wrong. ------------------------------------------------------------------------------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message