Basically its necessary to know what all user are doing or did on your system which can help us in hardening the system.
- To view commands which were executed by a specific user :
~$ sudo nano /home/"username"/.bash_history
- To view what a user is doing currently onto your system :
~$ w
- For live view of linux shell commands executed by another user :
~$ ssh host /bin/sh -i
- Live view of linux shell commands executed by another user can be done by tools in much better way such as :
- Sniffy // recommended
- Sysdig
- Snoopy
No comments:
Post a Comment