FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Debian > Debian User

 
 
LinkBack Thread Tools
 
Old 07-27-2010, 07:39 PM
Aniruddha
 
Default Monitoring tools to use on an account

You can also use dansguardian or another web content filter.
 
Old 07-27-2010, 11:00 PM
AG
 
Default Monitoring tools to use on an account

On 27/07/10 19:24, Jordon Bedwell wrote:

On 7/27/10 12:24 PM, Mike Bird wrote:

On Tue July 27 2010 09:53:40 AG wrote:

Any suggestions, please?


If you have the right to supervise a child then
supervise them. Stay in the room and make sure
they're not surfing porn. Do so openly.

If you don't have the right to supervise an
adult then don't spy on them.

Speaking for myself, not Debian, ...

--Mike Bird




Nobody has any right to monitor somebody else without consent or a
warrant. This is a very grey area companies play in and one the
supreme court and others are trying to address and have been trying to
address. In some states (especially the state I'm in) even monitoring
your kids or wifes activities can cross the line into being criminal,
if you're not careful, especially if you break some kind of encryption
to do so. I'm no lawyer.




Jordon & Mike

Thanks for your well intentioned advice. I do know that this is
controversial & I am approaching this dubiously & reluctantly. However,
it is my machine, my network and my home and as Jordan correctly pointed
out - I am liable for what happens under my roof.


I also am vociferous against state intrusion and surveillance and find
myself in a quandry about this situation. However, be that as it may, I
do want to be aware of my options and will exercise the steps necessary
to ensure that I am not liable for activities against my consent that
are being perpetrated using my equipment, in my home, etc. When I weigh
up the pro's and the con's, I am inclined toward instituting some means
of monitoring activity such that I have a solid log of evidence with
which to confront him, rather than either jumping off of the deep end
without reason or being blind-sided by BS.


Once again, thanks you for your concern.

AG


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Archive: 4C4F6505.6030206@gmail.com">http://lists.debian.org/4C4F6505.6030206@gmail.com
 
Old 07-28-2010, 11:05 AM
Camaleón
 
Default Monitoring tools to use on an account

On Tue, 27 Jul 2010 17:53:40 +0100, AG wrote:

> I'm facing a bit of a delicate issue: I have created an account on my
> machine for someone staying with us, and I have strong suspicions that
> he is engaging in on-line behaviour that he is not supposed to be doing.
>
> Can anyone recommend a tool thatb I can install, that can monitor his
> on-line activity - specifically sites he visits and how much time he
> spends on them?

(...)

If he has nothing to hide, all the steps will be tracked by the browser
history and cache files. Also, "/tmp" is a good bucket for holding
"shared secrets" (recent files, etc...).

> A key logger might also be useful to monitor his
> activities.

There is one for 32-bits systems. "Lkl" is in the repos, though I've not
tested.

...

Mmm, I am thinking about launching a VNC session (remote desktop) so you
can see the user's desktop activities at real time (smiliar to what
remote support operators do with their users/customers).

Greetings,

--
Camaleón


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: pan.2010.07.28.11.05.30@gmail.com">http://lists.debian.org/pan.2010.07.28.11.05.30@gmail.com
 
Old 07-28-2010, 05:54 PM
 
Default Monitoring tools to use on an account

>> On Tue, 27 Jul 2010 17:53:40 +0100, AG wrote:

A> I'm facing a bit of a delicate issue: I have created an account on my
A> machine for someone staying with us, and I have strong suspicions that
A> he is engaging in on-line behaviour that he is not supposed to be doing.
A> Can anyone recommend a tool thatb I can install, that can monitor his
A> on-line activity - specifically sites he visits and how much time he
A> spends on them?

>> On Wed, 28 Jul 2010 11:05:30 +0000 (UTC), <noelamac@gmail.com> said:

C> If he has nothing to hide, all the steps will be tracked by the browser
C> history and cache files. Also, "/tmp" is a good bucket for holding
C> "shared secrets" (recent files, etc...).

The problem is if he does have something to hide that the OP might be
held liable for. AG, if you're worried about browser activity, can you
install squid on your system and change his proxy setting accordingly?
This way he leaves a trace even if he sanitizes his browser cache,
assuming he doesn't have root privileges.

Another possibility - running tcpdump or the moral equivalent and
checking the packet dumps periodically for anything hinky. This way you
catch any bad network activity, not just the browser. Something like
this at boot to avoid filling your entire drive:

k=1
while true; do
out=/some/dir/dump.$k # /some/dir owned by you, mode 700
tcpdump -c 500000 -w $out # season to taste

# check the dump for anything suspicious, remove it if clean
tcpdump -r $out ... some filter here ... || rm $out
k=$((k+1))
done

You might also change the permissions on "ps" so he can't see "tcpdump" or
any other steps you might take.

--
Karl Vogel I don't speak for the USAF or my company
If you can't be kind, at least have the decency to be vague.


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 20100728175429.7333ABED9@kev.msw.wpafb.af.mil">htt p://lists.debian.org/20100728175429.7333ABED9@kev.msw.wpafb.af.mil
 
Old 07-30-2010, 04:13 PM
hugo vanwoerkom
 
Default Monitoring tools to use on an account

AG wrote:

Hi all

I'm facing a bit of a delicate issue: I have created an account on my
machine for someone staying with us, and I have strong suspicions that
he is engaging in on-line behaviour that he is not supposed to be doing.


Can anyone recommend a tool thatb I can install, that can monitor his
on-line activity - specifically sites he visits and how much time he
spends on them? A key logger might also be useful to monitor his
activities.


I'd need something that will mail me reports to my account without these
being transparent to him.


Any suggestions, please?



Unless I am mistaken, the issue got sidetracked to 'whether one ought to
monitor'.
But I have this situation: a person uses this laptop when I am not
around and yesterday the system shutdown twice while this person was
using it. All I see in syslog is:


Jul 29 16:28:26 debian gdm[3069]: WARNING: Failed to start X server
several times in a short time period; disabling display :0
Jul 29 16:28:26 debian /usr/sbin/gpm[2894]: *** info
[daemon/processrequest.c(42)]:

Jul 29 16:28:26 debian /usr/sbin/gpm[2894]: Request on 6 (console 8)
Jul 29 16:28:26 debian /usr/sbin/gpm[2894]: *** info
[daemon/processrequest.c(42)]:

Jul 29 16:28:26 debian /usr/sbin/gpm[2894]: Request on 6 (console 8)
Jul 29 16:30:00 debian Modtemp[2577]: =[getty 0.0]=> Thu Jul 29 16:30:00
2010 T2=C T3=C busy=81% MHz=1.50 (240)

Jul 29 16:31:40 debian acpid: client 9593[0:0] has disconnected
Jul 29 16:31:40 debian shutdown[24154]: shutting down for system halt

This person knows nothing of commands or VT's so it was just internet
browsing activity. I would sure like to know what happened.


Hugo


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Archive: i2utmq$a9p$1@dough.gmane.org">http://lists.debian.org/i2utmq$a9p$1@dough.gmane.org
 
Old 07-30-2010, 04:30 PM
Mike Bird
 
Default Monitoring tools to use on an account

On Fri July 30 2010 09:13:08 hugo vanwoerkom wrote:
> This person knows nothing of commands or VT's so it was just internet
> browsing activity. I would sure like to know what happened.

How do you know that this person hasn't captured your
passwords and/or keys, possibly by temporarily rebooting
on a CD to gain root privileges?

--Mike Bird


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 201007300930.28957.mgb-debian@yosemite.net">http://lists.debian.org/201007300930.28957.mgb-debian@yosemite.net
 
Old 07-30-2010, 04:47 PM
hugo vanwoerkom
 
Default Monitoring tools to use on an account

Mike Bird wrote:

On Fri July 30 2010 09:13:08 hugo vanwoerkom wrote:

This person knows nothing of commands or VT's so it was just internet
browsing activity. I would sure like to know what happened.


How do you know that this person hasn't captured your
passwords and/or keys, possibly by temporarily rebooting
on a CD to gain root privileges?



We're sidetracking again. I guarantee you that this person knows nothing
about keys or capturing passwords or gaining root privileges.


Remember we're in Mexico now stuck behind a Telmex gateway.

It could be malicious intent on the part of external parties, but then
it would happen when I am on and it never does. Solid system. Good
broadband wireless connection with Lenny and gnome on an Acer Aspire laptop.


But is there such a tool to trace what is being done in IW?

Hugo


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Archive: i2uvmv$h7l$1@dough.gmane.org">http://lists.debian.org/i2uvmv$h7l$1@dough.gmane.org
 
Old 07-30-2010, 05:13 PM
Mike Bird
 
Default Monitoring tools to use on an account

On Fri July 30 2010 09:47:15 hugo vanwoerkom wrote:
> Mike Bird wrote:
> > On Fri July 30 2010 09:13:08 hugo vanwoerkom wrote:
> >> This person knows nothing of commands or VT's so it was just internet
> >> browsing activity. I would sure like to know what happened.
> >
> > How do you know that this person hasn't captured your
> > passwords and/or keys, possibly by temporarily rebooting
> > on a CD to gain root privileges?
>
> We're sidetracking again. I guarantee you that this person knows nothing
> about keys or capturing passwords or gaining root privileges.

It doesn't take a lot of technical knowledge to download
and burn an attack CD. Remember this person has already
surprised you with IIRC two reboots.

It's unlikely you will be able to find out what happened
after the event.

Given physical access to the device, there's no way of
guarantying that even a previous installed logger would
report accurately - as for example if the system were
temporarily rebooted on an attack CD.

Perhaps by your friend. Perhaps when your friend left
the system unattended.

--Mike Bird


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 201007301013.49618.mgb-debian@yosemite.net">http://lists.debian.org/201007301013.49618.mgb-debian@yosemite.net
 
Old 07-30-2010, 10:44 PM
Klistvud
 
Default Monitoring tools to use on an account

Dne, 30. 07. 2010 18:47:15 je hugo vanwoerkom napisal(a):


But is there such a tool to trace what is being done in IW?



IW? For starters, I would check history (ctrl-h), so you can track what
sites the person has been to. In my humble experience though, it's
thermal shutdown. They played a flash game or two, and Iceweasel,
combined with Flash, is notorious for ramping up CPU usage out of any
proportion. Thermal shutdowns happen all the time when I let my kids
play on my laptop. I sure hope Iceweasel/Flash will work better in
Squeeze ...


--
Regards,

Klistvud
Certifiable Loonix User #481801
http://bufferoverflow.tiddlyspot.com


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 1280529891.11286.0@compax">http://lists.debian.org/1280529891.11286.0@compax
 
Old 08-05-2010, 04:18 PM
hugo vanwoerkom
 
Default Monitoring tools to use on an account

Klistvud wrote:

Dne, 30. 07. 2010 18:47:15 je hugo vanwoerkom napisal(a):


But is there such a tool to trace what is being done in IW?



IW? For starters, I would check history (ctrl-h), so you can track what
sites the person has been to. In my humble experience though, it's
thermal shutdown. They played a flash game or two, and Iceweasel,
combined with Flash, is notorious for ramping up CPU usage out of any
proportion. Thermal shutdowns happen all the time when I let my kids
play on my laptop. I sure hope Iceweasel/Flash will work better in
Squeeze ...




I installed the latest flashplayer from Adobe and that fixed the
problem. Who knows why people like facebook, that was the problem, its
videos. And why did it bring down X? Who knows.


Hugo


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Archive: i3eo8p$p0j$1@dough.gmane.org">http://lists.debian.org/i3eo8p$p0j$1@dough.gmane.org
 

Thread Tools




All times are GMT. The time now is 10:43 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright ©2007 - 2008, www.linux-archive.org