logging keystrokes (was encrypted filesystems)

Cedric cedric.de.wijs at softhome.net
Thu Jan 8 06:08:26 PST 2004


At 09:11 PM 1/6/04 -0600, you wrote:

> > I've been looking to ways to get some sort of keylogging going at my lfs
> > box. I was thinking about catching the io form bash and put it into a
> > logfile, my first attempt is this:
> > bash 2>&1 | tee /somewhere/log.file
> > It doesn't add to the security of the box, but then you can see what the
> > hacker was doing (unless he finds it and deletes the logfiles)
>http://www.honeynet.org/tools/bash.patch
>http://www.honeynet.org/tools/bash-anton.patch
>see http://www.honeynet.org/tools/index.html for descriptions
I read the article about the script util , and it looks promising. There is 
only one drawback: the script utility only writes the log when a user logs 
off. When i build a lfs system the user lfs stays logged on for hours. This 
cost some memory (a full toolchain log is about a meg in size) and i can't 
use it as a large scroll back buffer. Are there solutions which keep a 
(almost, a few seconds delay is fine) real-time archive?

Regards,

Cedric,

Linux believer since KNOPPIX 3.2 / LFS 4.0 / LINUX 2.4.21 / Gcc 3.2
-------------- next part --------------

---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.558 / Virus Database: 350 - Release Date: 1/2/04


More information about the hlfs-dev mailing list