Date: Tue, 23 Jan 1996 14:08:18 +1100 (EST) From: Anthony Hill <ahill@interconnect.com.au> To: David Brockus <dbrockus@cyberhall.com> Cc: freebsd-security@freebsd.org Subject: Re: Logging user activity Message-ID: <Pine.BSI.3.91.960123134711.25661B-100000@tulpi.interconnect.com.au> In-Reply-To: <Pine.BSF.3.91.960122122451.602C-100000@cyber1.cyberhall.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Anthony Hill ahill@connect.com.au On Mon, 22 Jan 1996, David Brockus wrote: > I am running FreeBSD 2.0.5R system. I believe there is a "hacked" > account on the system I maintain. I would to extensively monitor this > users activity. I want to log everything. Any there any suggestion on > how to set this up or can anybody recommend any packages to do this? > Thanks in advance. Not for 2.05, but 2.1 has the really evil/cool "watch", which lets you view/log EVERYTHING that goes through any other tty. You have to compile the "snoop" device into you kernel, then just type "watch 'tty'" ! You can even control the other guys tty. (Dont let the bad guys get hold of this one !) Anthony Hill
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSI.3.91.960123134711.25661B-100000>