covering traces
If a user is browsing via ssh, all he/she has to do is clear history to clear his tracks? How can I track users even if they clear their history, in BASH shell, using history -c?
I guess what i'm trying to do ultimately is to prevent users from snooping around on a redhat server I have set up, that allows them access via SSH - are there any books on this?
This may help you, we use something to this effect at work:
h**p://everything2.com/e2node/Protect%2520against%2520deleted%2520.bash_history% 2520files
dont forget to replace the h**p
You may want to look into file permissions and user groups as well.
Yes there are many books on hardening RedHat servers.
I'm a compulsive post editor, you might wanna wait until my post has been online for 5-10 mins before quoting it as it will likely change.
I know I seem harsh in some of my replies. SORRY! But if you're doing something illegal or posting something that seems to be obvious BS I'm going to call you on it.
i meant just browsing, not accessing files
SELinux is what your looking for however its a bitch to configure but there is lots of info on the subject or hardening redhat servers with selinux.
Thanks - SElinux is awsome, but i was just interested in the browsing aspect - am i just looking at folder and SSH privileges in this case?Originally Posted by pureh@te
Also - could you tell me why you chose gentoo over LFS, just wondering.
Posting Permissions
