Hiding your self while you are on ServER!

Discuss usability issues, general maintenance, and general support issues for a grsecurity-enabled system.

Hiding your self while you are on ServER!

Postby Sharky » Fri Feb 07, 2003 8:09 pm

Hi there Spender :)
again we meet.
I was wondering since grsecurity has the power of hiding process, do you think there's away you can be logged on to the server via username ( SSH or telnet ) such that even if other users do w or who they cant see you ? I was thinking of greating a special shell for that user and Givin it the h , I tried and did not work, maybe we have to hide something in SSH session as well.
any thoughts?
Sharky
 
Posts: 43
Joined: Fri Nov 01, 2002 10:12 pm

Postby spender » Fri Feb 07, 2003 9:53 pm

This has been discussed before on the forums. All you need to do it is the /proc restrictions, and you need to make some small userspace changes. You need to make /var/run/utmp and /var/log/wtmp only readable by root and group utmp (a group that you create). You should then make who and last sgid utmp. The /proc restrictions will take care of w.

-Brad
spender
 
Posts: 2185
Joined: Wed Feb 20, 2002 8:00 pm

Postby Sharky » Sat Feb 08, 2003 12:08 am

thank you spender.
I'll read other posts and struggle a bit fixing it :)
thank you indeed.
Sharky
 
Posts: 43
Joined: Fri Nov 01, 2002 10:12 pm


Return to grsecurity support