[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Command logging in kernel

To: tech_(_at_)_openbsd_(_dot_)_org
Subject: Re: Command logging in kernel
From: "Jeremy C. Reed" <reed_(_at_)_reedmedia_(_dot_)_net>
Date: Mon, 5 Aug 2002 09:11:39 -0700 (PDT)
Cc: Brian Pontz <brian_(_at_)_mothra_(_dot_)_axehind_(_dot_)_com>

On Sun, 4 Aug 2002, tedu wrote:

> On Sun, 4 Aug 2002, Brian Pontz wrote:
>
> > I'm trying to make some patches for people that use OpenBSD
> > honeypots. Basically I want to log all shell commands made to a
> > file or syslog. I have already made some patches for the linux kernel but
> > now I want to do it for the OpenBSD kernel. Can anyone direct me to the
> > file to start with? I'm guessing it's in src/sys somewhere?
>
> read man accton.  it should be a lot faster than making a patch. :)

You may also want to see my article:

Process accounting with lastcomm and sa
 Do you ever wonder what commands are running on your system? Do you want
 to find the time a particular command was executed? Or do you want to
 analyze your server's performance? By enabling process accounting you can
 find information about previously executed commands and past system
 resource usage.
http://www.bsdtoday.com/2001/January/Features385.html

But it will not work for logging all "shell commands" ...

   Jeremy C. Reed
   http://bsd.reedmedia.net/

Prev by Date: 域名注册
Next by Date: MDaemon Warning - Virus Found
Previous by thread: Command logging in kernel
Next by thread: 域名注册
Index(es):
- Date
- Thread

Visit your host, monkey.org