An utility or whatever that can monitor/log all the activities in OS of the compromised machine

To: debian-user@lists.debian.org
Subject: An utility or whatever that can monitor/log all the activities in OS of the compromised machine
From: Sthu Deus <sthu.deus@gmail.com>
Date: Wed, 3 Jun 2009 00:11:32 +0700
Message-id: <[🔎] 4a255d72.14098e0a.438d.ffff86ff@mx.google.com>

Good day.

Is there an utility or whatever that can monitor/log all the activities in OS
of the compromised machine to investigate the situation?

And, what is more
important - could You share Your experience on how to illuminate from whence
the criminal got its root privileges?

Is it possible to log net activities through iptables? - I did try LOG target
but w/ no success.

Thank You for Your time.

Reply to:

Follow-Ups:
- Re: An utility or whatever that can monitor/log all the activities in OS of the compromised machine
  - From: Javier Barroso <javibarroso@gmail.com>
- Re: An utility or whatever that can monitor/log all the activities in OS of the compromised machine
  - From: Tzafrir Cohen <tzafrir@cohens.org.il>

Prev by Date: Re: How do you get iceweasel (or another browser) to save what otherwise the flashplayer plays?
Next by Date: Re: An utility or whatever that can monitor/log all the activities in OS of the compromised machine
Previous by thread: Re: LILO not run after kernel install/update
Next by thread: Re: An utility or whatever that can monitor/log all the activities in OS of the compromised machine
Index(es):
- Date
- Thread