LogAnalysis
[logs] How to log - commands and file access
<html>
<head>
<meta content="text/html;charset=ISO-8859-1" http-equiv="Content-Type">
</head>
<body bgcolor="#ffffff" text="#000000">
Hi,<br>
<br>
To log all commands from bash I have used Bash-BOFH. Found here:
<a class="moz-txt-link-freetext" href="http://www.ccitt5.net/archives/">http://www.ccitt5.net/archives/</a><br>
<br>
It patches the bash source to send all commands to a syslog. It works
very well, but unfortunately requires bash 2.05, and doesn't work for
the newer 3.0 AFAIK.<br>
<br>
~Mike<br>
<br>
<br>
<a class="moz-txt-link-abbreviated" href="mailto:david.bigot (at) devoteam (dot) com [email concealed]">david.bigot (at) devoteam (dot) com [email concealed]</a> wrote:
<blockquote
 cite="mid:OFFDFF3E53.51B1C70A-ONC125738E.002E3425-C125738E.002E4E89@devoteam.com"
 type="cite"><br>
<font face="sans-serif" size="2">Hello,<br>
<br>
I want to know, for a customer, how to automatically log on UNIX and
Linux systems:<br>
- all commands executed (in BASH, ZSH &amp; co ...). I know about the
~/.(ba)sh_history file, but I prefer a global file or logging through syslog.<br>
- all file access by process and username in real time (not static) or,
if that's not possible, which process and username access certain files
(or directories) like /etc/shadow, /data/ ...<br>
<br>
Regards,</font>
<br>
<font face="sans-serif" size="2">----------------------------------------------------------------------<br>
David Bigot - Security Consultant<br>
Apogée Communications - Groupe DEVOTEAM<br>
86, rue Anatole France<br>
92300 Levallois-Perret<br>
telephone: ()1.41.49.58.04<br>
email: <a class="moz-txt-link-abbreviated" href="mailto:david.bigot (at) apogee-com (dot) fr [email concealed]">david.bigot (at) apogee-com (dot) fr [email concealed]</a></font>
<pre wrap="">
<hr size="4" width="90%">
_______________________________________________
LogAnalysis mailing list
<a class="moz-txt-link-abbreviated" href="mailto:LogAnalysis (at) loganalysis (dot) org [email concealed]">LogAnalysis (at) loganalysis (dot) org [email concealed]</a>
<a class="moz-txt-link-freetext" href="http://www.loganalysis.org/mailman/listinfo/loganalysis">http://www.loganalysis.org/mailman/listinfo/loganalysis</a></pre>
</blockquote>
<br>
</body>
</html>