SLUG Mailing List Archives - Re: [SLUG] forensics work without history file

To: Mike MacCana <mikem@xxxxxxxxxxxx>
Subject: Re: [SLUG] forensics work without history file
From: Peter Chubb <peterc@xxxxxxxxxxxxxxxxxx>
Date: Tue, 8 Feb 2005 11:12:49 +1100
Cc: slug@xxxxxxxxxxx
Comments: Hyperbole mail buttons accepted, v04.18.

>> On Sun, 6 Feb 2005 03:39 pm, Ricky wrote:
>>> Hi All
>>> is there a way to find out what user did without .history file ?

Compile your kernel with BSD accounting on, and then install the
accounting packages -- you'll then get a complete log of all commands
and how long they took. You don't get all the command args though.

-- 
Dr Peter Chubb  http://www.gelato.unsw.edu.au  peterc AT gelato.unsw.edu.au
The technical we do immediately,  the political takes *forever*

References:
- [SLUG] forensics work without history file
  - From: Ricky
- Re: [SLUG] forensics work without history file
  - From: James Gray
- Re: [SLUG] forensics work without history file
  - From: Mike MacCana

Messages sorted by: [ date | thread ]
Prev by Date: Re: [SLUG] Time Varying Firewall Rules
Next by Date: Re: [SLUG] video editing software
Previous by thread: Re: [SLUG] forensics work without history file
Next by thread: Re: [SLUG] forensics work without history file