[luau] hacking
tom_gordon at notes.k12.hi.us
tom_gordon at notes.k12.hi.us
Fri Oct 17 13:38:01 PDT 2003
If they have root they can clean/replace/modify anything. They could even
put measures in place to prevent future detection.
Remote realtime logging to a locked box is good. Logging to lpt, for
instance, cannot be cleaned without physical access :D
Tom
Please respond to luau at videl.ics.hawaii.edu
Sent by: luau-admin at videl.ics.hawaii.edu
To: <LUAU at videl.ics.hawaii.edu>
cc:
Subject: [luau] hacking
If I knew the root passwd and have access to a user account on a box,
can I sucessfully clean my trail (sulog, messages, etc) with all
entrances and activities I do to the box? If the audit was done only on
the box level , not pix logs or anything else.
Is there something that may log this that cannot be cleaned?
I remember seeing this on the list before but cant remember what date it
was.
Just wondering.
_______________________________________________
LUAU mailing list
LUAU at videl.ics.hawaii.edu
http://videl.ics.hawaii.edu/mailman/listinfo/luau
More information about the LUAU
mailing list