Keystroke log, eventlog, etc...

Don't you just hate crackers?

Ok, I have a user on my server who is always causing trouble. He is constantly trying to get into files, change stuff, get users' passwords, etc. I was wondering if Linux has a built-in keystroke log, or event log of some sort that I may use to track his movements.

Thanks,
Robert

PS. Using Red Hat Linux 8.0 on x86

You can Google for your keywords and come up with many keystroke logging programs for Linux.

See man script. Script can be used to collect keystroke information for an entire session. As Neo pointed out, there are plenty of choices available to you. Search Google.

Also, if the particular user has been foolhardy enough to leave history enabled in their shell (and providing you're root), you can look at their $HOME/.sh_history (or .history, .bash_history, whatever) and see which commands they've been issuing. Also, check the lastcomm command if it's available on your system.

Cheers
ZB
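
The history-file check described above, as an added example that is not part of the thread: a POSIX shell function that reads a history file on stdin and flags reads of /etc/shadow, use of su, and paths under another user's home directory. The user name jdoe, the watch list and the sample history are constructed assumptions.

```shell
#!/bin/sh
# Added example (not from the thread); "jdoe", the watch list and the sample are constructed.

# scan_history OWNER   (history file on stdin)
# Prints "lineno<TAB>epoch-or-dash<TAB>command" for each flagged command.
scan_history() (
    owner=$1 ts=- n=0
    while IFS= read -r line || [ -n "$line" ]; do
        n=$((n + 1))
        # bash writes "#<epoch>" before each command when HISTTIMEFORMAT is set
        t=${line#\#}
        if [ "$t" != "$line" ]; then
            case $t in
                ''|*[!0-9]*) ;;            # an ordinary comment, not a timestamp
                *) ts=$t; continue ;;      # timestamp belongs to the next command
            esac
        fi
        hit=0
        # Assumed starter watch list: shadow file access and su; tune locally.
        case " $line " in
            */etc/shadow*|*" su "*|*";su "*|*"|su "*|*"&su "*) hit=1 ;;
        esac
        # Flag any /home/<name> path where <name> is not the history's owner.
        rest=$line
        while case $rest in */home/*) true ;; *) false ;; esac; do
            rest=${rest#*/home/}
            name=${rest%%[!A-Za-z0-9_.-]*}
            if [ -n "$name" ] && [ "$name" != "$owner" ]; then hit=1; fi
        done
        if [ "$hit" -eq 1 ]; then printf '%s\t%s\t%s\n' "$n" "$ts" "$line"; fi
        ts=-
    done
)

# Constructed sample standing in for /home/jdoe/.bash_history.
sample_history() {
    cat <<'EOF'
#1041379200
ls -la
#1041379260
cat /etc/shadow
#1041379300
cd /home/alice/.ssh
#1041379350
vi /home/jdoe/notes.txt
su - root
EOF
}
sample_history | scan_history jdoe
```

As root, run it against the real file with `scan_history jdoe < /home/jdoe/.bash_history`. The history file is written by the user's own shell, so an empty result does not clear them, which is why lastcomm's kernel-side process accounting is worth checking as well.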

Ah, thanks ZB. That is exactly what I was looking for. And yes, this guy is a fool, heh.

-Robert