No Subject

Ken Williams jkwilli2 at unity.ncsu.edu
Thu Mar 5 10:11:33 PST 1998



Hello,

I have more of a general privacy rather than a crypto question.  I am
trying to set up "tripwires" in the various computer accounts that i have
so i will know if a superuser or sysadmin has accessed them.  (it should
be taken for granted at this point that all sensitive or personal data is 
encrypted and/or stored on floppies)  i of course am only concerned with
doing so for accounts that i don't already have su access with.  i have
accounts on various flavors of UNIX, but i am most interested in
tripwires/scripts for Solaris 2.4-6.  so far, the best i have been able to
come up with is a couple of very ineffective tripwires.

1.  a few lines in .Xlogout that write the host/date stamp to a file that
    is hidden a few directories deep.

    - this of course only works if someone logs in to my account using
    my own login/passwd, and it doesn't work over dialup at all.

2.  i have a .environment file that will write all of the relevant user
    info to a file if that user adds my directory with the "add" command

    - this will catch all superuser accesses *if and only if* they add
    my directory.  they could simply cd into my directory to bypass it.

anyone have any ideas for tripwires or any other methods i can use, having
only regular user access, to monitor ANY accesses made to my account,
especially by superusers/sysadmins?


thanks for your consideration of this question,

ken







More information about the cypherpunks-legacy mailing list