Date: Mon, 10 Feb 2003 18:03:07 -0800 (PST) From: Julian Elischer <julian@elischer.org> To: hackers@freebsd.org, des@freebsd.org Subject: Some "security" questions. Message-ID: <Pine.BSF.4.21.0302101752500.49102-100000@InterJet.elischer.org>
next in thread | raw e-mail | index | archive | help
Our client wants the following 'features' and we'd LIKE to be able to at least say "yes we can do that", even if we can also say "but we don't think it's a good idea". 1/ Command logging. We're thinking that a hacked version of the shell that logs commands may do what they want, but personally I think that if you are going to log things then you really want to PROPERLY do it, and log the EXEC commands along with the arguments. (sadmin et al. doesn't give arguments, and neither does ktrace) 2/ they want to disable a login if it fails 'n' sequential logins anywhere in the system. i.e. 2 on one machine followed by another on another machine. #2 sounds like a great DOS to me.. operator<CR> <CR> operator<CR> <CR> operator<CR> <CR> heh heh heh but they want it.. So, does anyone have any suggestions of how these can be achieved using exisiting s/w? I can immagine using pam_radius, and hacking a radius server to track login fails.. Anyone have any better ideas? Maybe a pam_module specially written? (hmmmm) Anyoone have any modules to REALLY log execs? To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0302101752500.49102-100000>