Re: Monitoring tools to use on an account
Klistvud wrote: Dne, 30. 07. 2010 18:47:15 je hugo vanwoerkom napisal(a): But is there such a tool to trace what is being done in IW? IW? For starters, I would check history (ctrl-h), so you can track what sites the person has been to. In my humble experience though, it's thermal shutdown. They played a flash game or two, and Iceweasel, combined with Flash, is notorious for ramping up CPU usage out of any proportion. Thermal shutdowns happen all the time when I let my kids play on my laptop. I sure hope Iceweasel/Flash will work better in Squeeze ... I installed the latest flashplayer from Adobe and that fixed the problem. Who knows why people like facebook, that was the problem, its videos. And why did it bring down X? Who knows. Hugo -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/i3eo8p$p0...@dough.gmane.org
Re: Monitoring tools to use on an account
AG wrote: Hi all I'm facing a bit of a delicate issue: I have created an account on my machine for someone staying with us, and I have strong suspicions that he is engaging in on-line behaviour that he is not supposed to be doing. Can anyone recommend a tool thatb I can install, that can monitor his on-line activity - specifically sites he visits and how much time he spends on them? A key logger might also be useful to monitor his activities. I'd need something that will mail me reports to my account without these being transparent to him. Any suggestions, please? Unless I am mistaken, the issue got sidetracked to 'whether one ought to monitor'. But I have this situation: a person uses this laptop when I am not around and yesterday the system shutdown twice while this person was using it. All I see in syslog is: Jul 29 16:28:26 debian gdm[3069]: WARNING: Failed to start X server several times in a short time period; disabling display :0 Jul 29 16:28:26 debian /usr/sbin/gpm[2894]: *** info [daemon/processrequest.c(42)]: Jul 29 16:28:26 debian /usr/sbin/gpm[2894]: Request on 6 (console 8) Jul 29 16:28:26 debian /usr/sbin/gpm[2894]: *** info [daemon/processrequest.c(42)]: Jul 29 16:28:26 debian /usr/sbin/gpm[2894]: Request on 6 (console 8) Jul 29 16:30:00 debian Modtemp[2577]: =[getty 0.0]= Thu Jul 29 16:30:00 2010 T2=C T3=C busy=81% MHz=1.50 (240) Jul 29 16:31:40 debian acpid: client 9593[0:0] has disconnected Jul 29 16:31:40 debian shutdown[24154]: shutting down for system halt This person knows nothing of commands or VT's so it was just internet browsing activity. I would sure like to know what happened. Hugo -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/i2utmq$a9...@dough.gmane.org
Re: Monitoring tools to use on an account
On Fri July 30 2010 09:13:08 hugo vanwoerkom wrote: This person knows nothing of commands or VT's so it was just internet browsing activity. I would sure like to know what happened. How do you know that this person hasn't captured your passwords and/or keys, possibly by temporarily rebooting on a CD to gain root privileges? --Mike Bird -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/201007300930.28957.mgb-deb...@yosemite.net
Re: Monitoring tools to use on an account
Mike Bird wrote: On Fri July 30 2010 09:13:08 hugo vanwoerkom wrote: This person knows nothing of commands or VT's so it was just internet browsing activity. I would sure like to know what happened. How do you know that this person hasn't captured your passwords and/or keys, possibly by temporarily rebooting on a CD to gain root privileges? We're sidetracking again. I guarantee you that this person knows nothing about keys or capturing passwords or gaining root privileges. Remember we're in Mexico now stuck behind a Telmex gateway. It could be malicious intent on the part of external parties, but then it would happen when I am on and it never does. Solid system. Good broadband wireless connection with Lenny and gnome on an Acer Aspire laptop. But is there such a tool to trace what is being done in IW? Hugo -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/i2uvmv$h7...@dough.gmane.org
Re: Monitoring tools to use on an account
On Fri July 30 2010 09:47:15 hugo vanwoerkom wrote: Mike Bird wrote: On Fri July 30 2010 09:13:08 hugo vanwoerkom wrote: This person knows nothing of commands or VT's so it was just internet browsing activity. I would sure like to know what happened. How do you know that this person hasn't captured your passwords and/or keys, possibly by temporarily rebooting on a CD to gain root privileges? We're sidetracking again. I guarantee you that this person knows nothing about keys or capturing passwords or gaining root privileges. It doesn't take a lot of technical knowledge to download and burn an attack CD. Remember this person has already surprised you with IIRC two reboots. It's unlikely you will be able to find out what happened after the event. Given physical access to the device, there's no way of guarantying that even a previous installed logger would report accurately - as for example if the system were temporarily rebooted on an attack CD. Perhaps by your friend. Perhaps when your friend left the system unattended. --Mike Bird -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/201007301013.49618.mgb-deb...@yosemite.net
Re: Monitoring tools to use on an account
Dne, 30. 07. 2010 18:47:15 je hugo vanwoerkom napisal(a): But is there such a tool to trace what is being done in IW? IW? For starters, I would check history (ctrl-h), so you can track what sites the person has been to. In my humble experience though, it's thermal shutdown. They played a flash game or two, and Iceweasel, combined with Flash, is notorious for ramping up CPU usage out of any proportion. Thermal shutdowns happen all the time when I let my kids play on my laptop. I sure hope Iceweasel/Flash will work better in Squeeze ... -- Regards, Klistvud Certifiable Loonix User #481801 http://bufferoverflow.tiddlyspot.com -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/1280529891.1128...@compax
Re: Monitoring tools to use on an account
On Tue, 27 Jul 2010 17:53:40 +0100, AG wrote: I'm facing a bit of a delicate issue: I have created an account on my machine for someone staying with us, and I have strong suspicions that he is engaging in on-line behaviour that he is not supposed to be doing. Can anyone recommend a tool thatb I can install, that can monitor his on-line activity - specifically sites he visits and how much time he spends on them? (...) If he has nothing to hide, all the steps will be tracked by the browser history and cache files. Also, /tmp is a good bucket for holding shared secrets (recent files, etc...). A key logger might also be useful to monitor his activities. There is one for 32-bits systems. Lkl is in the repos, though I've not tested. ... Mmm, I am thinking about launching a VNC session (remote desktop) so you can see the user's desktop activities at real time (smiliar to what remote support operators do with their users/customers). Greetings, -- Camaleón -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/pan.2010.07.28.11.05...@gmail.com
Re: Monitoring tools to use on an account
On Tue, 27 Jul 2010 17:53:40 +0100, AG wrote: A I'm facing a bit of a delicate issue: I have created an account on my A machine for someone staying with us, and I have strong suspicions that A he is engaging in on-line behaviour that he is not supposed to be doing. A Can anyone recommend a tool thatb I can install, that can monitor his A on-line activity - specifically sites he visits and how much time he A spends on them? On Wed, 28 Jul 2010 11:05:30 + (UTC), noela...@gmail.com said: C If he has nothing to hide, all the steps will be tracked by the browser C history and cache files. Also, /tmp is a good bucket for holding C shared secrets (recent files, etc...). The problem is if he does have something to hide that the OP might be held liable for. AG, if you're worried about browser activity, can you install squid on your system and change his proxy setting accordingly? This way he leaves a trace even if he sanitizes his browser cache, assuming he doesn't have root privileges. Another possibility - running tcpdump or the moral equivalent and checking the packet dumps periodically for anything hinky. This way you catch any bad network activity, not just the browser. Something like this at boot to avoid filling your entire drive: k=1 while true; do out=/some/dir/dump.$k # /some/dir owned by you, mode 700 tcpdump -c 50 -w $out # season to taste # check the dump for anything suspicious, remove it if clean tcpdump -r $out ... some filter here ... || rm $out k=$((k+1)) done You might also change the permissions on ps so he can't see tcpdump or any other steps you might take. -- Karl Vogel I don't speak for the USAF or my company If you can't be kind, at least have the decency to be vague. -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20100728175429.7333ab...@kev.msw.wpafb.af.mil
Monitoring tools to use on an account
Hi all I'm facing a bit of a delicate issue: I have created an account on my machine for someone staying with us, and I have strong suspicions that he is engaging in on-line behaviour that he is not supposed to be doing. Can anyone recommend a tool thatb I can install, that can monitor his on-line activity - specifically sites he visits and how much time he spends on them? A key logger might also be useful to monitor his activities. I'd need something that will mail me reports to my account without these being transparent to him. Any suggestions, please? Many thanks. AG -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4c4f0f14.9030...@gmail.com
Re: Monitoring tools to use on an account
On Tue July 27 2010 09:53:40 AG wrote: Any suggestions, please? If you have the right to supervise a child then supervise them. Stay in the room and make sure they're not surfing porn. Do so openly. If you don't have the right to supervise an adult then don't spy on them. Speaking for myself, not Debian, ... --Mike Bird -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/201007271024.58836.mgb-deb...@yosemite.net
Re: Monitoring tools to use on an account
On 7/27/10 12:24 PM, Mike Bird wrote: On Tue July 27 2010 09:53:40 AG wrote: Any suggestions, please? If you have the right to supervise a child then supervise them. Stay in the room and make sure they're not surfing porn. Do so openly. If you don't have the right to supervise an adult then don't spy on them. Speaking for myself, not Debian, ... --Mike Bird Nobody has any right to monitor somebody else without consent or a warrant. This is a very grey area companies play in and one the supreme court and others are trying to address and have been trying to address. In some states (especially the state I'm in) even monitoring your kids or wifes activities can cross the line into being criminal, if you're not careful, especially if you break some kind of encryption to do so. I'm no lawyer. -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4c4f2450.5050...@envygeeks.com
Re: Monitoring tools to use on an account
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 07/27/2010 02:24 PM, Jordon Bedwell wrote: On 7/27/10 12:24 PM, Mike Bird wrote: On Tue July 27 2010 09:53:40 AG wrote: Any suggestions, please? If you have the right to supervise a child then supervise them. Stay in the room and make sure they're not surfing porn. Do so openly. If you don't have the right to supervise an adult then don't spy on them. Speaking for myself, not Debian, ... --Mike Bird Nobody has any right to monitor somebody else without consent or a warrant. This is a very grey area companies play in and one the supreme court and others are trying to address and have been trying to address. In some states (especially the state I'm in) even monitoring your kids or wifes activities can cross the line into being criminal, if you're not careful, especially if you break some kind of encryption to do so. I'm no lawyer. You also have to look at it from this perspective. Its his home and his network. He may be held liable for things that pass in and out of that network. If the user is engaging in illegal activities, it will be the OP's internet who gets cut off (and potentially worse). Not that monitoring will really help this scenario, as the damage will have already been done. I would recommend locking the network down over a monitoring solution. Not only will it can it be more effective, but it does not require the invasion of privacy. You can use a web proxy, such as squid, to whitelist allowed sites. A quick google search turned up this that looks interesting: http://www.screaming-penguin.com/node/3871 . - -- Jordan Metzmeier -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) iQIcBAEBCAAGBQJMTydJAAoJEKj/C3qNthmTVlAQAIAqQOVW03B+GiD1pv/bQBRc h5KIMgJRBnxUt/pIHRUco4SoJoHlpt/gYa2xKAdQtL1ssSj60Vmu6aCEdnLm606C M/TY5YQDKvZ7CJWf5uXuTQF/AlN7JScRHx0bB5zchyiChwdduwCBb27rze5Hjs5j yQDKtXnNgWjwwUUNfnyqoFoCdQ/e+CM3HY/y2t8DSA+z2LyD59UdUK2tkfiLmOd+ D2mJRsDM+ILcCnkgU2PAyfgcALCmk4j6PVuLDgBKftvmzdHFE04RRZ4ZR+zi/JAD vv17SVFZ+DlQn/ewfeqWCRoz71/FE92Qixjehmo76abU51f/0mdJ0d4g1azJy1kZ TXEbdPHn3Kkh68c5BrJGMIi9X8feioNv13g5P98tbITCeyHq4v2Tzj/TCHIoR/TC XEDBr+mio9+QajamKuemNMxpmp/NKot7GHCQ5euMHtbjNRyEUGaIOJMvQuLP5dso 0oGJB1zmH0fPLYirhsRaqS7KTEA68dlt/9dRNs5XxkTzBnJB7dOtxGPwG+kY2e6S 0WSMJ76IaNiAEIZSWowrSB7yo9TlQWm31Zrfi8GH9Fe7SEYFtR71KsilBDJ9AtQD 1qr2oBPbMuvqS8g+m+VznFrPgcEMaWhd3l/8KRWvlO3AIMuaRjprRObjjFXZ3Dwm Ce975BpTGf0svQSjfvYG =vjyh -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4c4f2749.4060...@gmail.com
Re: Monitoring tools to use on an account
You can also use dansguardian or another web content filter.
Re: Monitoring tools to use on an account
On 27/07/10 19:24, Jordon Bedwell wrote: On 7/27/10 12:24 PM, Mike Bird wrote: On Tue July 27 2010 09:53:40 AG wrote: Any suggestions, please? If you have the right to supervise a child then supervise them. Stay in the room and make sure they're not surfing porn. Do so openly. If you don't have the right to supervise an adult then don't spy on them. Speaking for myself, not Debian, ... --Mike Bird Nobody has any right to monitor somebody else without consent or a warrant. This is a very grey area companies play in and one the supreme court and others are trying to address and have been trying to address. In some states (especially the state I'm in) even monitoring your kids or wifes activities can cross the line into being criminal, if you're not careful, especially if you break some kind of encryption to do so. I'm no lawyer. Jordon Mike Thanks for your well intentioned advice. I do know that this is controversial I am approaching this dubiously reluctantly. However, it is my machine, my network and my home and as Jordan correctly pointed out - I am liable for what happens under my roof. I also am vociferous against state intrusion and surveillance and find myself in a quandry about this situation. However, be that as it may, I do want to be aware of my options and will exercise the steps necessary to ensure that I am not liable for activities against my consent that are being perpetrated using my equipment, in my home, etc. When I weigh up the pro's and the con's, I am inclined toward instituting some means of monitoring activity such that I have a solid log of evidence with which to confront him, rather than either jumping off of the deep end without reason or being blind-sided by BS. Once again, thanks you for your concern. AG -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4c4f6505.6030...@gmail.com