Results 1 to 6 of 6

Thread: covering traces

  1. #1
    Junior Member
    Join Date
    May 2008
    Posts
    41

    Default covering traces

    If a user is browsing via ssh, all he/she has to do is clear history to clear his tracks? How can I track users even if they clear their history, in BASH shell, using history -c?

    I guess what i'm trying to do ultimately is to prevent users from snooping around on a redhat server I have set up, that allows them access via SSH - are there any books on this?

  2. #2
    Member
    Join Date
    Feb 2010
    Location
    Root
    Posts
    121

    Default

    This may help you, we use something to this effect at work:

    h**p://everything2.com/e2node/Protect%2520against%2520deleted%2520.bash_history% 2520files

    dont forget to replace the h**p

    You may want to look into file permissions and user groups as well.

  3. #3
    My life is this forum thorin's Avatar
    Join Date
    Jan 2010
    Posts
    2,629

    Default

    Yes there are many books on hardening RedHat servers.
    I'm a compulsive post editor, you might wanna wait until my post has been online for 5-10 mins before quoting it as it will likely change.

    I know I seem harsh in some of my replies. SORRY! But if you're doing something illegal or posting something that seems to be obvious BS I'm going to call you on it.

  4. #4
    Junior Member
    Join Date
    May 2008
    Posts
    41

    Default

    i meant just browsing, not accessing files

  5. #5
    Developer
    Join Date
    Mar 2007
    Posts
    6,126

    Default

    SELinux is what your looking for however its a bitch to configure but there is lots of info on the subject or hardening redhat servers with selinux.

  6. #6
    Junior Member
    Join Date
    May 2008
    Posts
    41

    Default

    Quote Originally Posted by pureh@te View Post
    SELinux is what your looking for however its a bitch to configure but there is lots of info on the subject or hardening redhat servers with selinux.
    Thanks - SElinux is awsome, but i was just interested in the browsing aspect - am i just looking at folder and SSH privileges in this case?

    Also - could you tell me why you chose gentoo over LFS, just wondering.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •