LogAnalysis
[logs] CanSecWest 2008 CFP (deadline Nov 30,conf Mar 26-28) and PacSec Dojo's Nov 09 2007 04:24AM
Dragos Ruiu (dr kyx net) (1 replies)
[logs] How to log - commands and file access Nov 09 2007 08:25AM
david bigot devoteam com (7 replies)
Re: [logs] How to log - commands and file access Mar 03 2008 07:24AM
Cesare (tensi mclink it)
Re: [logs] How to log - commands and file access Nov 25 2007 12:48AM
Karl Vogel (vogelke pobox com)
RE: [logs] How to log - commands and file access Nov 12 2007 11:37PM
Kurt Buff (KBuff zetron com) (1 replies)
RE: [logs] How to log - commands and file access Nov 13 2007 10:01PM
David Corlette (dcorlette novell com) (1 replies)
Re: [logs] How to log - commands and file access Nov 13 2007 11:31PM
Matt Cuttler (mcuttler bnl gov)
Re: [logs] How to log - commands and file access Nov 12 2007 02:47PM
Mike Blomgren (mike blomgren tornado se) (1 replies)
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta content="text/html;charset=ISO-8859-1" http-equiv="Content-Type">
</head>
<body bgcolor="#ffffff" text="#000000">
Hi,<br>
<br>
To log all commands from bash I have used Bash-BOFH. Found here:
<a class="moz-txt-link-freetext" href="http://www.ccitt5.net/archives/">http://www.ccitt5.net/archives/</
a><br>
<br>
It patches the bash source to send all commands to a syslog. It works
very well, but unfortunately requires bash 2.05, and doesn't work for 
the newer 3.0 AFAIK.<br>
<br>
~Mike<br>
<br>
<br>
<a class="moz-txt-link-abbreviated" href="mailto:david.bigot (at) devoteam (dot) com [email concealed]">david.bigot (at) devoteam (dot) com [email concealed]</a> wrote:
<blockquote
cite="mid:OFFDFF3E53.51B1C70A-ONC125738E.002E3425-C125738E.002E4E89@devo
team.com"
type="cite"><br>
<font face="sans-serif" size="2">Hello,<br>
<br>
I want to known for a customer, how to log automatically on UNIX and
Linux
system :<br>
- all commands executed (in BASH, ZSH & co ...). I know but the
file
~/.(ba)sh_history but I prefer a global file or through syslog.<br>
- all file access by process and username in real-time (not static) or
if it's not possible, which process and username access to some files
(or
directory) like /etc/shadow, /data/ ...<br>
<br>
Regards,</font>
<br>
<font face="sans-serif" size="2">---------------------------------------------------------------
-------<br>
David Bigot - Consultant sécurité<br>
Apogée Communications - Groupe DEVOTEAM<br>
86, rue Anatole France<br>
92300 Levallois-Perret<br>
téléphone: ()1.41.49.58.04<br>
email: <a class="moz-txt-link-abbreviated" href="mailto:david.bigot (at) apogee-com (dot) fr [email concealed]">david.bigot (at) apogee-com (dot) fr [email concealed]</a></f
ont>
<pre wrap="">
<hr size="4" width="90%">
_______________________________________________
LogAnalysis mailing list
<a class="moz-txt-link-abbreviated" href="mailto:LogAnalysis (at) loganalysis (dot) org [email concealed]">LogAnalysis (at) loganalysis (dot) org [email concealed]</a
>
<a class="moz-txt-link-freetext" href="http://www.loganalysis.org/mailman/listinfo/loganalysis">http://ww
w.loganalysis.org/mailman/listinfo/loganalysis</a></pre>
</blockquote>
<br>
</body>
</html>
_______________________________________________
LogAnalysis mailing list
LogAnalysis (at) loganalysis (dot) org [email concealed]
http://www.loganalysis.org/mailman/listinfo/loganalysis

[ reply ]
Re: [logs] How to log - commands and file access Nov 12 2007 03:15PM
david bigot devoteam com (1 replies)
Re: [logs] How to log - commands and file access Nov 13 2007 04:07AM
Anton Chuvakin (anton chuvakin org)
Re: [logs] How to log - commands and file access Nov 09 2007 08:09PM
Anton Chuvakin (anton chuvakin org) (2 replies)
Re: [logs] How to log - commands and file access Nov 10 2007 03:49PM
James B Horwath (Jim_Horwath glic com)
Re: [logs] How to log - commands and file access Nov 10 2007 02:21AM
James Turnbull (james lovedthanlost net)
Re: [logs] How to log - commands and file access Nov 09 2007 07:38PM
Vincent Bernat (bernat luffy cx)
Re: [logs] How to log - commands and file access Nov 09 2007 07:10PM
Stephen John Smoogen (smooge gmail com)


 

Privacy Statement
Copyright 2010, SecurityFocus