search for: kg6hac

> > >What do you recommend for keeping track of user >activities? For preserving bash histories I followed >these recommendations: > >http://www.defcon1.org/secure-command.html > Interesting reading but, as others have noted, of limited use. Keystroke logging can be disabled by - as others have noted - either spawning another (perhaps different) shell, using a remote

>Date: Sun, 17 Oct 2004 10:41:14 -0400 (EDT) >From: Yan Wang <ywang4@cs.pitt.edu> >Subject: TCFS on FreeBSD > > >I tried to port Transparent Cryptographic File System >(http://www.tcfs.it) OpenBSD version to FreeBSD 4.8, but failed. Has >any one tried this before? How much modification is needed? Any info is >appreciated. > >Thanks, > >Yan > >

Hello, What do you recommend for keeping track of user activities? For preserving bash histories I followed these recommendations: http://www.defcon1.org/secure-command.html They include using 'chflags sappnd .bash_history', enabling process accounting, and the like. My goal is to "watch the watchers," i.e. watch for abuse of power by SOC people with the ability to view

> > >Date: Sat, 12 Jun 2004 13:15:33 +0200 >From: "Peter Rosa" <prosa@pro.sk> >Subject: Hacked or not ? >To: "FreeBSD Security" <freebsd-security@freebsd.org> >Message-ID: <016301c4506e$947644e0$3501a8c0@pro.sk> > >Hi all, > >please advice me - I was on holidays for one week. After return I found in >security mails from

>I'm trying to get veracity (http://www.rocksoft.com/veracity/), a tripwire >replacement, working on FreeBSD 5.x. When I try and create a snapshot I get >the following error for files sitting on my root partition: > >-- snip snip -- > > csh.logout > E: Error opening binary (B) stream of file > "/etc/csh.logout". > (OS error

From: "Biyala, Urvi" <Urvi.Biyala@bankofamerica.com> >I need to trim the world read permissions from the system sensitive files. I know that it would be safe to trim the permissions from many of the configuration files in /etc. But I was not sure if I could safely tighten the permissions form other system files. Does any one know of any documentation on this. Or can any one

Duncan writes: >Howyd all? Seems that I have been routed. Possibly >by a physical B&E, but who knows? Probably some >of you do.... anyways, some politically sensitive >email was deleted from a user account and the >line > >low -tr & > >inserted into my .xinitrc . > >Duncan (Dhu) Campbell > I didn't see a lot of feedback that struck me as