[comp.unix.wizards] UNIX Security and Monitoring

forrie@morwyn.UUCP (Forrie Aldrich) (04/11/91)

Is there a way to monitor the I/O of another terminal/port in UNIX?

This would be particularly helpful in dealing with hackers and admin
on sensitive systems.

To date, I have not 'seen' anything that will accomplish this task,
however I thought I would ask, in case there's a solution out there
somewhere.

It might be best to EMAIL me on this matter.

Thanks,

Forrest


-- 

--------------------=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--------------------
Forrest Aldrich, Jr.|   ...uunet!eci!morwyn!forrie       |forrie@morywn.UUCP
                    |          <email paths>             | 
CREATIVE CONNECTIONS|  ...uunet!zinn!eci!morwyn!forrie   |Graphic Illustration
------------------\-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=/------------------
                   \___ PO Box 1541 - Dover, NH  03820 ___/                   

nem@hare.udev.cdc.com (neal e meyer x2257) (04/12/91)

If you get a positive response please send me a copy. Thanks,

Neal

nem@udev.cdc.com

rcedv@netmbx.UUCP (R. Cirksena) (04/14/91)

nem@hare.udev.cdc.com (neal e meyer x2257) writes:

>If you get a positive response please send me a copy. Thanks,

>Neal

>nem@udev.cdc.com

Me too. Thanks,
Ralf
+-------------------------------------------------------------------------+
| Ralf Cirksena        |_______________Email: rcedv@netmbx.UUCP___________|
|                      |        If I knew everything I don't know yet,    |
| 1000 Berlin 36       |       I would like to forget everything I know.  |
+-------------------------------------------------------------------------+

brunette@sjuphil.uucp (Glenn M. Brunette) (04/15/91)

Could an answer be sent to me as well...


Thanks in advance,
Glenn 
brunette@sju

-- 
******************************************************************************* 
 Glenn Brunette,  Academic Computing Network Consultant      sssss
                                                           ss      jjjjjjj
                                                            ss       j
             brunette@sjuphil.UUCP                           ss     j  u    u
             brunette%sjuphil.sju.edu@RELAY.cs.net      sssss      j  u    u

pataky@tove.cs.umd.edu (Bill Pataky) (04/16/91)

In article <78@morwyn.UUCP> forrie@morwyn.UUCP (Forrie Aldrich) writes:
>Is there a way to monitor the I/O of another terminal/port in UNIX?
>
>This would be particularly helpful in dealing with hackers and admin
>on sensitive systems.		       ^^^^^^^^^^^^^^^^^^^^

This would be even more useful to the hackers themselves.  Think about
it. 

It seems to me that security and monitoring are mutually exclusive,
especially on "sensitive systems".  Consider the following example:

You are sysadmin at a University.  The profs on your systems write their
exams on your system and encrypt them.  The student worker who does
your dumps/restores uses the monitoring tool you mention to grab the
encryption key used by his prof.  The student can then decrypt the
exam.  Or worse yet, the student can grab the entire exam as it is 
typed in leaving no changed file access times.

(I'm not saying that student workers are un-trustworthy, just using this
to illustrate a point)

Generally, any tool that allows circumvention of Unix's security 
policy, even by administrators, only serves to weaken overall 
system security.


	Bill Pataky	
------------------------------------------------------------------------------
	domain:	pataky@itd.nrl.navy.mil		     voice: 202.404.8355
	path: 	..!uunet!itd.nrl.navy.mil!pataky     fax:   202.404.7942
==============================================================================

rwu@ibism.UUCP (Raymond Wu) (05/04/91)

Well, how about looking at it from a different angle:

Let's suppose that you're a paranoid systems security administrator
and you have a need to monitor / review all the events that transpired
when access to the production environment was granted to a programmer /
support person.  Yes, the logons are restricted in such a way that someone
must turn on the account for you.  This administrator's sole purpose in
life is to ensure that no support person will load in unauthorized code or
inflict some damage to the physical environment.


By the way, what's the answer to the availability of such a beast - I happen
to know of an organization that is on the lookout for this monitoring /
playback capability.



=========================================================================

	Raymond Wu
	Citibank                           Phone:   (212) 657-5426
	111 Wall Street                    Fax:     (212) 825-8607
	17th floor / zone 10               E-Mail:   uunet!ibism!rwu
	New York City, New York    10043

============================================================================