From owner-freebsd-questions Sun Jul 12 02:41:37 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id CAA05099 for freebsd-questions-outgoing; Sun, 12 Jul 1998 02:41:37 -0700 (PDT) (envelope-from owner-freebsd-questions@FreeBSD.ORG) Received: from freebie.lemis.com (freebie.lemis.com [139.130.136.133]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id CAA05084 for ; Sun, 12 Jul 1998 02:41:24 -0700 (PDT) (envelope-from grog@freebie.lemis.com) Received: (from grog@localhost) by freebie.lemis.com (8.9.0/8.9.0) id TAA26308; Sun, 12 Jul 1998 19:11:09 +0930 (CST) Message-ID: <19980712191108.M754@freebie.lemis.com> Date: Sun, 12 Jul 1998 19:11:08 +0930 From: Greg Lehey To: malte@webmore.com Cc: Elliot Finley , freebsd-questions@FreeBSD.ORG Subject: Re: Q: Logging a telnet session References: <19980712094453.K23241@freebie.lemis.com> Mime-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Mailer: Mutt 0.91.1i In-Reply-To: ; from Malte Lance on Sun, Jul 12, 1998 at 11:24:15AM +0200 WWW-Home-Page: http://www.lemis.com/~grog Organization: LEMIS, PO Box 460, Echunga SA 5153, Australia Phone: +61-8-8388-8286 Fax: +61-8-8388-8725 Mobile: +61-41-739-7062 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Sunday, 12 July 1998 at 11:24:15 +0200, Malte Lance wrote: > > On 12-Jul-98 Greg Lehey wrote: >> On Saturday, 11 July 1998 at 19:07:40 +0200, Malte Lance wrote: >>> >>> On 10-Jul-98 Greg Lehey wrote: >>>> On Friday, 10 July 1998 at 10:56:58 +0200, Malte Lance wrote: >>>>> On 10-Jul-98 Elliot Finley wrote: >>>>>> Hello, >>>>>> Is there anyway to log a telnet session into my machine? I have >>>>>> a user that telnets in, and I suspect malicious intent from him. Is >>>>>> there any way to log every keystroke that he types? >>>>> >>>>> Have a look at "man watch" >>>>> You'll need snp-pseudo-devices in your kernel-config. >>>> >>>> Unfortunately this only works at the originating end. But it works >>>> pretty well there. >>> >>> Not that i know of such a restriction. Maybe i misunderstood your reply. >> >> Watch applies to a tty device. There are no tty devices involved at >> the telnetd end. > > So what about the ttyp ??? > > neuron:~> w > 11:21am up 14 mins, 7 users, load averages: 0.24, 0.23, 0.19 > USER TTY FROM LOGIN@ IDLE WHAT > malte p5 vampire 11:20am - (bash) > > and "watch -iW ttyp5" works very well. What is your point ? Touché. I forgot about that. Greg -- See complete headers for address and phone numbers finger grog@lemis.com for PGP public key To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message