Re: [TCLUG:17672] Security question

To: tclug-list@mn-linux.org
Subject: Re: [TCLUG:17672] Security question
From: Scott Dier - dieman <dieman@ringworld.org>
Date: Mon, 15 May 2000 10:43:50 -0500 (CDT)
In-Reply-To: <1EB5C5E46E0@main.daily.umn.edu>

On Mon, 15 May 2000, Benjamin Exley wrote:

> We have a user here that has been acting a bit suspiciously of 
> late, and we would like to get a record of one of his shell sessions. 

Why not just keep an eye on the user's activity on the system via normal
logging and then just /bin/false their account when you feel that
something is odd.

Then have them come by and ask them whats going on.

It's generally eaiser to get the story, than watch someone over their
sholder i think.  If they continue to mess around and do strange stuff.
Figure out if you really want them on your systems.

Good luck!

-- 
Scott Dier <dieman@ringworld.org> #nicnac@efnet 
http://www.ringworld.org/  finger:dieman@destiny.ringworld.org

Wait. Watch. Wonder.
	-J

http://sluggy.com/d/971226.html

References:
- Security question
  - From: "Benjamin Exley" <bexley@daily.umn.edu>

Prev by Date: Re: [TCLUG:17672] Security question
Next by Date: Re: [TCLUG:17673] LBA mode
Prev by thread: Re: [TCLUG:17672] Security question
Next by thread: Re: [TCLUG:17672] Security question
Index(es):
- Date
- Thread