Date: Fri, 28 Aug 1998 01:14:53 -0700 (PDT) From: dima@best.net (Dima Ruban) To: netadmin@fastnet.co.uk (Jay Tribick) Cc: security@FreeBSD.ORG Subject: Re: Shell history Message-ID: <199808280814.BAA07281@burka.rdy.com> In-Reply-To: <Pine.BSF.3.96.980828085425.13172C-100000@na.nu.na.nu> from Jay Tribick at "Aug 28, 1998 8:55:24 am"
next in thread | previous in thread | raw e-mail | index | archive | help
Jay Tribick writes: > > | > > What if the user would be to switch shell or to install their own? > | > > I do not think one should depend on shell history to log all what > | > > user does. How would YOU monitor what your users are > | > > doing if you had to? > | > > | > accton(8), lastcomm(1) > | > | It won't tell you much. Not in its' current state. It would be a good idea > | to extend acct to log everything, including program switches and (possibly) > | some stuff from the enviroment. Also it would be a good idea to be able > | to log information on per-user basis. > > Could we not modify the [kernel] to log all activity on the ttyp's to > a file? Yeah. You'll need to modify telnetd/rlogind/sshd/etc to do it. > > Regards, > > Jay Tribick > -- > [| Network Administrator | FastNet International | http://fast.net.uk/ |] > [| Finger netadmin@fastnet.co.uk for contact information |] > [| T: +44 (0)1273 677633 F: +44 (0)1273 621631 e: netadmin@fast.net.uk |] > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > -- dima To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199808280814.BAA07281>