Date: Mon, 13 Jul 1998 12:56:40 -0500 From: "Rafael A. Reta Rodriguez" <rafareta@mexcom.net.mx> To: "freebsd-questions@FreeBSD.ORG" <freebsd-questions@FreeBSD.ORG> Subject: Re: Q: Logging a telnet session Message-ID: <35AA4A58.72DDC058@mexcom.net.mx> References: <19980712094453.K23241@freebie.lemis.com> <XFMail.980712112415.malte@webmore.com> <19980712191108.M754@freebie.lemis.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Greg Lehey wrote: > > On Sunday, 12 July 1998 at 11:24:15 +0200, Malte Lance wrote: > > > > On 12-Jul-98 Greg Lehey wrote: > >> On Saturday, 11 July 1998 at 19:07:40 +0200, Malte Lance wrote: > >>> > >>> On 10-Jul-98 Greg Lehey wrote: > >>>> On Friday, 10 July 1998 at 10:56:58 +0200, Malte Lance wrote: > >>>>> On 10-Jul-98 Elliot Finley wrote: > >>>>>> Hello, > >>>>>> Is there anyway to log a telnet session into my machine? I have > >>>>>> a user that telnets in, and I suspect malicious intent from him. Is > >>>>>> there any way to log every keystroke that he types? > >>>>> > >>>>> Have a look at "man watch" > >>>>> You'll need snp-pseudo-devices in your kernel-config. > >>>> > >>>> Unfortunately this only works at the originating end. But it works > >>>> pretty well there. > >>> > >>> Not that i know of such a restriction. Maybe i misunderstood your reply. > >> > >> Watch applies to a tty device. There are no tty devices involved at > >> the telnetd end. > > > > So what about the ttyp<n> ??? > > > > neuron:~> w > > 11:21am up 14 mins, 7 users, load averages: 0.24, 0.23, 0.19 > > USER TTY FROM LOGIN@ IDLE WHAT > > malte p5 vampire 11:20am - (bash) > > > > and "watch -iW ttyp5" works very well. What is your point ? > > Touché. I forgot about that. > > Greg I add the pseudo-device snp line and recompiled my kernel but I still get the same message watch: fatal: cannot open snoop device Is there something else to do? To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?35AA4A58.72DDC058>