Hi, Thanks to Alan, Bill, Reggie & Stoyan. I would also like to be able to log down commands of users who do not do "su" as sometimes certain files are owned by a group - one way I thought of logging is placing a 'script username.txt' in /etc/profile & based on which user logs in, vary username.txt accordingly but this one has a problem in that if we put 'exit' in /etc/profile, it does not quite exit properly). If only it works, I would be able to 'script' down every input keystroke +output into a text file. Using "sudo" methods partially achieves the objective only. Certainly, a banner will be placed to inform users that all their activities will be logged/monitored. Rgds Goh ========================== replies follows ============================== 1. Adjust the firewalls and sshd settings to allow ssh login only from one server. 2. Force everyone to login to that server as their own user. Log all traffic passing through that box in each separate ssh session. That's what one of the banks I am working in does. Alan Plse see http://www.sunfreeware.com and download 'sudo'. 'Sudo' will log every commaond executed by a user. This would mean, however, the the admins woudl not know the root passwd, however they would not need it. Regards, Reggie Beavers Hi, You could use separate logins for each of the administrators (separate accounts on the system), and then let them manage the machine (issue commands with superuser privileges) via sudo (http://www.sudo.ws/sudo/) Thus you can 1) get fine-grained control of who doing which and 2) log actions so you know that the command was issued by a specific account. Best Regards, Stoyan Genov ---- Pit-Ong.Ong.Goh@reuters.com on 2004-06-13 18:18:55:29 CEST (Sunday): ---- > Hello, > > There are several administrators to one of our critical Sun server (Solaris 7) > box & we would like to have some kind of keylogger to log down commands > (in particular changes) that are done to the system - in the same manner > Ciscoworks/TACACS could log down changes done by every user who > login to a Cisco device. Would be best if the keylogger can identify who > is typing what commands & store the files separately for each user. > > Thanks in advance, > Goh > > > _______________________________________________ > sunmanagers mailing list > sunmanagers@sunmanagers.org > http://www.sunmanagers.org/mailman/listinfo/sunmanagers --------------------------------------------------------------- - Visit our Internet site at http://www.reuters.com Get closer to the financial markets with Reuters Messaging - for more information and to register, visit http://www.reuters.com/messaging Any views expressed in this message are those of the individual sender, except where the sender specifically states them to be the views of Reuters Ltd. _______________________________________________ sunmanagers mailing list sunmanagers@sunmanagers.org http://www.sunmanagers.org/mailman/listinfo/sunmanagersReceived on Mon Jun 14 03:50:39 2004
This archive was generated by hypermail 2.1.8 : Thu Mar 03 2016 - 06:43:32 EST