Thanks for your answer. Well, it's a good idea, but I
think it's too easey to discover it, delete or modify
the file...
--- Ulrich Roth
Hi, I am having a little problem I need to solve quickly. I have one intruder (long to explain now) which edited the passwd file and set his user with 0 id (as root). I don't want to block him. I want to log all his actions, moves, commands, etc. How can I do that? If he didn't disable it or uses another shell, you can have a look at his ~/.bash_history. Bye Uli -- Ulrich Roth IMPACT Business & Technology Consulting GmbH Im Mediapark 8 / KölnTurm D-50670 Koeln Phone +49-221-93 70 80-29 Fax +49-221-93 70 80-15 E-Mail: roth@impact.de
-- Check the headers for your unsubscription address For additional commands, e-mail: suse-security-help@suse.com Security-related bug reports go to security@suse.de, not here
------------ Internet GRATIS es Yahoo! Conexión 4004-1010 desde Buenos Aires. Usuario: yahoo; contraseña: yahoo Más ciudades: http://conexion.yahoo.com.ar