[3187] in bugtraq
Re: Tracking tools?
daemon@ATHENA.MIT.EDU (Tracy R. Reed)
Sat Aug 17 19:36:24 1996
Date: Thu, 15 Aug 1996 14:14:56 -0700
Reply-To: Bugtraq List <BUGTRAQ@netspace.org>
From: "Tracy R. Reed" <treed@straylight.connectnet.com>
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@netspace.org>
In-Reply-To: <Pine.OSF.3.91.960815080034.19557A-100000@shalott.ots.utexas.edu>
On Thu, 15 Aug 1996, Gene Titus wrote:
> keystrokes to a file. The down side is if they do a w command, they will
> see some funny stuff happening on their account.
There is probably a "root kit" (or something like it) for your particular
OS out there somewhere. It normally contains a modified ps, w, etc which
selectively chooses not to display certain processes. While normally used
to hide malicious processes and users from the admin, you could
theoretically use this to hide yourself from the user. Your best bet is to
get the source to w etc. and modify them yourself. If you use a GNU based
OS, getting the source will be trivial. Otherwise, good luck. :)
----------
Tracy Reed
http://rohan.sdsu.edu/home/treed
http://www.linux.org - Escape the Gates of Hell
