Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

redirecting all stderr to file

Posted on 2003-02-23
4
Medium Priority
?
239 Views
Last Modified: 2011-09-20
Hai All!
   I am doing a intrusion detection project where i have to trace all user activities. I want to redirect all error messages(stderr) to a file with the user who did that. please guide me how to do this task. Is there any other techniques to trace all user activities. i am using linux 7.2 and developing in C.
0
Comment
Question by:shenasar
  • 2
4 Comments
 
LVL 46

Accepted Solution

by:
Kent Olsen earned 200 total points
ID: 8008846

You can do it at the shell level with:

SomeProgram 2>RedirectedFileName


Your C program can do it too, by calling freopen():

stderr = freopen ("RedirectedStderrFileName, "w", stderr);


Note that this should probably be a "two step call".  If freopen() fails the method abouve will have set stderr to NULL -- not a good thing.  If the redirect file already exists and is "read only" the function may fail.


Good Luck,
Kdo
0
 

Author Comment

by:shenasar
ID: 8031486
Hai!
  I need some more information. what i am trying to do is to trace all user activities. For example, the error message that comes when an user try to access  /root directory has to be redirected to a file specifying the name of the user,command he executed, time, etc.
  please guide me how to do that, because i am at the neck of my project work.
0
 
LVL 46

Expert Comment

by:Kent Olsen
ID: 8033113
Ahha,

I read your first post to mean something else.  What you're really trying to do is capture all of the shell commands and errors.

There's actually quite a large business in providing this kind of security to unix.  Several companies provide plug-in security, though they are rather expensive.

Two suggestions come to mind.

If you're trying to contain people that have legitimage access to your system you can always force them to your own shell and just limit the things that you'll let them do.

If you've got source code for the shell processors (ksh, bsh, etc) you can always build in the functionality that you're looking for.


Kdo
0
 

Expert Comment

by:CleanupPing
ID: 9447559
shenasar:
This old question needs to be finalized -- accept an answer, split points, or get a refund.  For information on your options, please click here-> http:/help/closing.jsp#1 
EXPERTS:
Post your closing recommendations!  No comment means you don't care.
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this post we will learn how to make Android Gesture Tutorial and give different functionality whenever a user Touch or Scroll android screen.
If you are a mobile app developer and especially develop hybrid mobile apps then these 4 mistakes you must avoid for hybrid app development to be the more genuine app developer.
With the power of JIRA, there's an unlimited number of ways you can customize it, use it and benefit from it. With that in mind, there's bound to be things that I wasn't able to cover in this course. With this summary we'll look at some places to go…
In a recent question (https://www.experts-exchange.com/questions/29004105/Run-AutoHotkey-script-directly-from-Notepad.html) here at Experts Exchange, a member asked how to run an AutoHotkey script (.AHK) directly from Notepad++ (aka NPP). This video…

581 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question