Thank you for this my.hndl. There are some issues i have been having and seems your methodology may work on Fedora and others OSs.
Thankx ./Chuks On 9/30/09, maxigas <maxi...@anargeek.net> wrote: > From: "bo...@civ.zcu.cz" <bo...@civ.zcu.cz> > Subject: Re: [Full-disclosure] Modifying SSH to Capture Login Credentials > from Attackers > Date: Wed, 30 Sep 2009 00:03:51 +0200 > >>> All standard users have read access to /var/log/auth, so if root >> >> they shouldn't, at least on my default debian they don't ... > > On my default Ubuntu, users in "adm" group have reac access to the > authentication log file: > > m...@machine: ls -l /var/log/auth.log > -rw-r----- 1 syslog adm 46774 2009-09-30 01:10 /var/log/auth.log > > -- > ×× maxigas > // villanypásztor / kiberpunk / web shepherd // > > -= Important communication disclaimer: by replying to my emails you are > disclaiming all your disclaimers. =- > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ -- -- Gichuki John Ndirangu, C.E.H , C.P.T.P, O.S.C.P I.T Security Analyst and Penetration Tester infosig...@inbox.com {FORUM}http://lists.my.co.ke/pipermail/security/ http://nspkenya.blogspot.com/ http://chuksjonia.blogspot.com/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/