Login or Register to Ask a Question and Join Our Community


Cybersecurity

Unix keystroke logger

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Unix keystroke logger
# 1  
Old 08-23-2010
Unix keystroke logger
Hi all,

Does anyone know if there is a tool in the market that could do the following when System Admin log to the server as root and perform activities according to his change request:

- trap or log his keystroke for the entire duration
- provide a report on the changes SA has made to the environment excluding harmless commands ( such as ls, cd, pwd,etc). If the SA execute a script called "ls", the tool should also list out what the script does and what changes has taken place.

Many thanks.
# 2  
Old 08-23-2010
Hi
You can try using "script" facility. Please refer man page. You can have custom scripts written that could process the files generated by script to filter the information you need.

-Raja
# 3  
Old 08-23-2010
Other comercial products also perform this task - try googling "Privileged Account Management". (I work on one of these products, so I wont mention company names).
They can provide managed access to root, and will allow full auditing, often including keystroke capture and replay.

I hope this helps.
# 4  
Old 08-23-2010
...and if you don't need to comply with SOX, Basel II, HSPD-12, FFIEC, HIPAA, FERPA, PCI-DSS and you're not in the market for a commercially licensed Privileged Account / Identity / User Management suite you could try 'rootsh' together with remote syslogging. However since root is omnipotent you need to take into account scenarios where logging gets subverted.
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

Keystroke logging issue

I'm having an issue with keystoke logging. As we know in unix you can press tab to auto-complete a command or whatever it is you are typing. Well keystoke logging in /var/log/ks, tabs are actually showing up as tabs rather than whatever the auto-completion was. Any ideas? (5 Replies)
Discussion started by: scj2012
5 Replies

2. Red Hat

Putty recognise keystroke wrongly!

Putty: release 0.58 Operating system: Linux, release 2.6.36-rc7 Problem: I use Putty to connet to server, initially everthing looks fine but after I browse some files, my keyboard acts funny, like if I keyin "cd", I got "je" on the screen. :wall: This only happens on some existing files but... (4 Replies)
Discussion started by: linwufei125
4 Replies

3. UNIX for Dummies Questions & Answers

Capturing the keystroke

i have the below script: #!/bin/bash echo "enter a" read a echo "enter b" read b let c=a+b echo $c at any point of time between entering the value for a and b,if user presses ctrl+a key combination, then it should start from the beginning(the script should be restarted). it should... (4 Replies)
Discussion started by: pandeesh
4 Replies

4. Shell Programming and Scripting

Regarding automatic keystroke

Hi All , I am writing a shell script for a 3D test case . The 3D Test case involves the user to press some keys to see the changes in the 3d test case . The user has to press p , r , a , z etc to observe the changes on screen . Now please let me know how can i implement the keystroke p , a ,... (1 Reply)
Discussion started by: dskonnur
1 Replies

5. Shell Programming and Scripting

Perl - Reading keyboard keystroke

Hello All, I wounder if any one know if perl have the ability to run script in the background which record each keyboard keystorke? If yes , how can I implement the part which reading the keyboard keystroke? Is there any moudle that handle it ? Thanks a head Alalush (1 Reply)
Discussion started by: Alalush
1 Replies

6. Solaris

Disabled keystroke at the log-in menu

Hello I am unable to enter my password because the OS does not respond to my keystrokes in the password field at the log-in menu, even though it does in the username field. I have no clue how to troubleshoot this. Please help me out. Thank you (11 Replies)
Discussion started by: dai2809
11 Replies

7. Solaris

Monitoring all user keystroke activity

Hello, First post so bear with me....i've done lost of searches on this and did not find a definitive answer. I need to be able to capture in log every single keystroke a user performs, I am aware that the script command can be used to do this, however, here is my dilemma/problem. Here... (1 Reply)
Discussion started by: giles.cardew
1 Replies

8. UNIX for Dummies Questions & Answers

ldapmodify: keystroke to apply changes

Hi, I need to modify some entries in LDAP, but with what keystroke do I exit and apply the changes? Thanks Brissix (0 Replies)
Discussion started by: brissix
0 Replies

9. UNIX for Dummies Questions & Answers

keystroke trap

Hi, How to track/trap the keyboard strokes in the script say for eg, in normal scene, when a script is running, if a press control c, the program gets terminated... so in this case, how do i trap the keystrokes so as to avoid the abort of the program.. pls help (1 Reply)
Discussion started by: vasikaran
1 Replies

10. Linux

Keystroke log, eventlog, etc...

Don't you just hate crackers? Ok, I have a user on my server who is always causing trouble. He is constantly trying to get into files, change stuff, get users passwords, etc. I was wondering if Linux has a built in keystroke log, or event log of some sort that I may use to track his movements. ... (4 Replies)
Discussion started by: Phobos
4 Replies
Login or Register to Ask a Question