I've just gotten around to updating syd to version 3.2a.
I've run syd-v3.2a on Digital UNIX v3.2D-1, v3.2G, v4.0, & v4.0a.
Here's my changes since v3.2:
This latest update to the syd utility fixes the sendmail display
problem and adds the complete full argument buffer of the
process to the output display via the -l option.
A small change, but now will show admins the real commands behind
wily users who attempt to use $ /bin/sh <real_command> in an attempt
to hide their activity. Previously the -l option would have shown
only "/bin/sh" instead of the default "sh"; now the -l option will
show things like "/bin/sh ./bin/Crack /etc/passwd" if that
is actually being run by a user.
It is available in the same place as syd-3.2:
ftp://raven.alaska.edu/pub/randy/perf_mon_tools/syd-3.2a.tar.gz
ftp://raven.alaska.edu/pub/randy/Current_Index is a listing of the
entire ftp directory hierarchy below /pub/randy.
As usual direct problems/bugs to me directly.
--
Randy M. Hayman haymanr_at_icefog.alaska.edu
"Ethernet works in practice but not in theory" -- Bob Metcalfe
Received on Tue Oct 01 1996 - 01:08:14 NZST