Security - logging of user commands

2012-07-25 Thread Damien Fleuriot
Hello list, We're currently working towards the PCI DSS certification (Payment Card Industry) for a project at work. One of the prerequisites is that all user commands be logged. We're currently using a very bad hack that takes the last command from a user's history and sends it to a log

Re: Security - logging of user commands

2012-07-25 Thread Damien Fleuriot
No I haven't. That's a good suggestion, I'll look into it and see if it fits the purpose :)

On 7/25/12 2:04 PM, Peter Boosten wrote:
> Have you ever considered the audit function of FreeBSD?
>
> Peter Boosten
>
> On 25 jul. 2012, at 13:47, Damien Fleuriot m...@my.gd wrote:
>> Hello list,

Re: Security - logging of user commands

2012-07-25 Thread Peter Boosten
Have you ever considered the audit function of FreeBSD?

Peter Boosten

On 25 jul. 2012, at 13:47, Damien Fleuriot m...@my.gd wrote:
> Hello list, We're currently working towards the PCI DSS certification (Payment Card Industry) for a project at work. One of the prerequisites is that

Re: Security - logging of user commands

2012-07-25 Thread jb
Damien Fleuriot ml at my.gd writes: ... I notice it also exists on FreeBSD as /usr/ports/security/snoopy . However I face several problems with it, mainly it doesn't seem to log anything. As per the README, I have added /usr/local/lib/snoopy.so to /etc/ld.so.preload I'm not even

Re: Security - logging of user commands

2012-07-25 Thread Damien Fleuriot
On 7/25/12 2:42 PM, jb wrote: Damien Fleuriot ml at my.gd writes: ... I notice it also exists on FreeBSD as /usr/ports/security/snoopy . However I face several problems with it, mainly it doesn't seem to log anything. As per the README, I have added /usr/local/lib/snoopy.so to

Re: Security - logging of user commands

2012-07-25 Thread Victor Sudakov
Peter Boosten wrote:
> Have you ever considered the audit function of FreeBSD?

Does it really log user commands? At best, it logs executed processes.

--
Victor Sudakov, VAS4-RIPE, VAS47-RIPN sip:suda...@sibptus.tomsk.ru

Re: Security - logging of user commands

2012-07-25 Thread jb
Damien Fleuriot ml at my.gd writes: ... From my syslog.conf: auth.info;authpriv.info /var/log/auth.log Yet I'm seeing not a trail in /var/log/auth.log , or messages, or even in secure ... # less /var/log/auth.log Feb 22 21:13:56 localhost newsyslog[1503]:

Re: Security - logging of user commands

2012-07-25 Thread Damien Fleuriot
On 25 Jul 2012, at 18:15, jb jb.1234a...@gmail.com wrote: Damien Fleuriot ml at my.gd writes: ... From my syslog.conf: auth.info;authpriv.info /var/log/auth.log Yet I'm seeing not a trail in /var/log/auth.log , or messages, or even in secure ... # less