On Fri, 17 Oct 2003 12:55:20 -1000 "Randall Oshita" <[EMAIL PROTECTED]> wrote:
> If I knew the root passwd and have access to a user account on a box, > can I sucessfully clean my trail (sulog, messages, etc) with all > entrances and activities I do to the box? If the audit was done only on > the box level Yes. A _skilled_ hacker could cover their tracks. A root kit simplifies the task. > Is there something that may log this that cannot be cleaned? It requires a second box. For example: http://www.linuxsecurity.com/feature_stories/feature_story-64.html -- _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ Gary Dunn _/ _/ Open Slate Project _/ _/ http://openslate.sourceforge.net/ _/ _/ http://www.aloha.com/~knowtree/ _/ _/ Honolulu _/ _/ registered Linux user #273809 _/ _/ _/ _/ This tagline is umop apisdn. _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ --------------------------------------------- This message was sent using Endymion MailMan. http://www.endymion.com/products/mailman/
