From: Mike Dornberger <Mike.Dornberger@gmx.de>
To: debian-security@lists.debian.org
Subject: Re: Command history log for audit trail
Date: Fri, 16 Jun 2006 16:59:05 +0200
Hi,
On Thu, Jun 15, 2006 at 01:08:37PM -0700, prosolutions@gmx.net wrote:
> I need to set up an audit trail for all commands run on machines. I
I'm no kernel expert, but can't processes be forked, too by calling some
kernel functions directly (I mean not by using library functions)?
I don't know if actual kernels have some kind of hook therefor. You may
need
to write a kernel module, if not. Maybe such module is part of modern
intrusion detection systems.
Greetings,
Mike
--
To UNSUBSCRIBE, email to debian-security-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact
listmaster@lists.debian.org