[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

No Subject

To: [email protected]
From: Ken Williams <[email protected]>
Date: Thu, 5 Mar 1998 13:11:28 -0500 (EST)
Sender: [email protected]


Hello,

I have more of a general privacy rather than a crypto question.  I am
trying to set up "tripwires" in the various computer accounts that i have
so i will know if a superuser or sysadmin has accessed them.  (it should
be taken for granted at this point that all sensitive or personal data is 
encrypted and/or stored on floppies)  i of course am only concerned with
doing so for accounts that i don't already have su access with.  i have
accounts on various flavors of UNIX, but i am most interested in
tripwires/scripts for Solaris 2.4-6.  so far, the best i have been able to
come up with is a couple of very ineffective tripwires.

1.  a few lines in .Xlogout that write the host/date stamp to a file that
    is hidden a few directories deep.

    - this of course only works if someone logs in to my account using
    my own login/passwd, and it doesn't work over dialup at all.

2.  i have a .environment file that will write all of the relevant user
    info to a file if that user adds my directory with the "add" command

    - this will catch all superuser accesses *if and only if* they add
    my directory.  they could simply cd into my directory to bypass it.

anyone have any ideas for tripwires or any other methods i can use, having
only regular user access, to monitor ANY accesses made to my account,
especially by superusers/sysadmins?


thanks for your consideration of this question,

ken

Follow-Ups:
- Login Tripwire Protocols
  - From: andrew fabbro <[email protected]>
- Re: tripwires when you're not superuser.
  - From: Bill Stewart <[email protected]>

Prev by Date: $.03 PHONE CALLS?
Next by Date: Feds bust Inet gambling
Prev by thread: Re:
Next by thread: Login Tripwire Protocols
Index(es):
- Date
- Thread