Mailinglist Archive: opensuse-security (320 mails)
| < Previous | Next > |
Log/Audit all user commands
- From: Ricardo Toma <rtoma@xxxxxxxxxxxx>
- Date: Wed, 28 May 2003 01:55:31 -0300 (ART)
- Message-id: <20030528045531.91965.qmail@xxxxxxxxxxxxxxxxxxxxxxx>
Hi, I am having a little problem I need to solve
quickly. I have one intruder (long to explain now)
which edited the passwd file and set his user with 0
id (as root). I don't want to block him. I want to log
all his actions, moves, commands, etc. How can I do
that?
Thanks in advance!
------------
Internet GRATIS es Yahoo! Conexión
4004-1010 desde Buenos Aires. Usuario: yahoo; contraseña: yahoo
Más ciudades: http://conexion.yahoo.com.ar
quickly. I have one intruder (long to explain now)
which edited the passwd file and set his user with 0
id (as root). I don't want to block him. I want to log
all his actions, moves, commands, etc. How can I do
that?
Thanks in advance!
------------
Internet GRATIS es Yahoo! Conexión
4004-1010 desde Buenos Aires. Usuario: yahoo; contraseña: yahoo
Más ciudades: http://conexion.yahoo.com.ar
| < Previous | Next > |