VanLUG Email Archive

Re: Why Do Hackers Do This?

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: Dave Michelson: "Re: Linux at COMDEX/Canada West '99"
• Previous message: Dave Michelson: "Re: Linux at COMDEX/Canada West '99"

> Would it
> do any good to redirect a copy of all input of lets say the secure file
> to a printer? Even if they erased/edited the file you would still have
> a record. How would you do this?

I seem to remember that it's possible to redirect syslog to another
machine (man syslog.conf). Haven't tried it; was meaning to some time.
UDP port 514 I think...

You might also look at TjL's deny.sh (link off of
http://vancouver-webpages.com/security/ =
http://www.peak.org/~luomat/scripts/deny-1.1.1.tar.gz)
designed to be run from tcpd's /etc/hosts.deny, which emails
unauthorized access attempts fielded by inetd/tcpd to one or more
people on the net. I had toyed with the idea of forwarding such mail
to a VMS machine (totally obscure to your average 'nix hacker) for
archiving.

Andrew Daviel
http://vancouver-webpages.com/andrew
Deniable unless digitally signed.

• Next message: Dave Michelson: "Re: Linux at COMDEX/Canada West '99"
• Previous message: Dave Michelson: "Re: Linux at COMDEX/Canada West '99"