Re: Auditing / Logging
From: Frank Knobbe (frank_at_knobbe.us)
Date: 01/13/04
- Previous message: Aditya [ Aditya Lalit Deshmukh ]: "RE: Spyware drama!"
- In reply to: Don Parker: "Re: Auditing / Logging"
- Next in thread: Mike Hoskins: "Re: Auditing / Logging"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: Don Parker <dparker@rigelksecurity.com> Date: Tue, 13 Jan 2004 11:16:30 -0600
On Mon, 2004-01-12 at 17:17, Don Parker wrote:
> Well, you raise a valid point as to the commands not being logged.
> Again I would prefer simplicity, so just install a keylogger. There
> is no need to overcomplicate things. Though a keylogger will not work
> on most *nix systems to my knowledge.
Don't even have to do that. Have you never heard of a 'snoop' device?
You can just snoop/watch the tty session you are using for your tests
and redirect it to a file.
On BSD systems you can use: watch -o ttyXX > logfile
Cheers,
Frank
- application/pgp-signature attachment: This is a digitally signed message part
- Previous message: Aditya [ Aditya Lalit Deshmukh ]: "RE: Spyware drama!"
- In reply to: Don Parker: "Re: Auditing / Logging"
- Next in thread: Mike Hoskins: "Re: Auditing / Logging"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
