[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: IDS: snooping on RH?
FAQ: See http://www.ticm.com/kb/faq/idsfaq.html
IDS: See http://www-rnks.informatik.tu-cottbus.de/~sobirey/ids.html
HELP: Having problems... email questions to ids-owner@uow.edu.au
NOTE: Remove this section from reply msgs otherwise the msg will bounce.
SPAM: DO NOT send unsolicted mail to this list.
USUBSCRIBE: email "unsubscribe ids" to majordomo@uow.edu.au
---------------------------------------------------------------------------
---
take me off your mailing address, PLEASE!!!!!!!!!!!!!!!!
CyberPsychotic wrote:
> FAQ: See http://www.ticm.com/kb/faq/idsfaq.html
> IDS: See http://www-rnks.informatik.tu-cottbus.de/~sobirey/ids.html
> HELP: Having problems... email questions to ids-owner@uow.edu.au
> NOTE: Remove this section from reply msgs otherwise the msg will bounce.
> SPAM: DO NOT send unsolicted mail to this list.
> USUBSCRIBE: email "unsubscribe ids" to majordomo@uow.edu.au
> ---------------------------------------------------------------------------
> ---
> ~ Does anyone know of any ports of ttywatcher for linux (specifically redhat)?
> ~
> ~ I've been looking for something good to monitor potential problem-users for
> ~ a while, Any suggestions?
> ~
>
> if you have root on machine, where you want to monitor your users, you
> could use ttysnoop which is `troyaned' replacement for in.telnetd daemon.
> Alternatively there were some linux kernel hacks featured in Phrack's 50th
> issue called linspy. I also was writing the similar tool which could let
> you watch all telnet-connected terminals in your local network, but I
> never managed to make it up so anyone but me could play with it..