The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Hiding from users in SSH

Discussion in 'General Discussion' started by sexy_guy, May 15, 2003.

  1. sexy_guy

    sexy_guy Well-Known Member

    Joined:
    Mar 19, 2003
    Messages:
    848
    Likes Received:
    0
    Trophy Points:
    16
    As a general rules of thumb there really should be a way to be able to hide from other users on the system. When im logged in as root those logged in SSH can do a listing of whos on the server and see me on the box as Admin. There have been times that i have been monitoring exim_mainlog using tail only to find users also looking in my log files because they saw me doing it online :confused: Before you flame me on this issue i know this is not a Cpanel issue so dont bother. Im just mentioning it because its bothersome.
     
  2. Juanra

    Juanra Well-Known Member

    Joined:
    Sep 22, 2001
    Messages:
    777
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Spain
  3. Danks

    Danks Active Member

    Joined:
    Oct 10, 2001
    Messages:
    25
    Likes Received:
    0
    Trophy Points:
    1
  4. roman

    roman Well-Known Member
    PartnerNOC

    Joined:
    Feb 13, 2002
    Messages:
    56
    Likes Received:
    0
    Trophy Points:
    6
    You can use screen, screen allows you to open multiple sessions via one telnet/ssh connection. From screen type Control a L this will log you out from utmp which means you won't appear in w or who.
     
  5. xsenses

    xsenses Well-Known Member

    Joined:
    Aug 29, 2002
    Messages:
    233
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Huntington Beach, Ca
    Can't you just su to root from another account, works for me..?
     
  6. sexy_guy

    sexy_guy Well-Known Member

    Joined:
    Mar 19, 2003
    Messages:
    848
    Likes Received:
    0
    Trophy Points:
    16
    Thanks for that. How many people are using grsecurity kernels on cPanel? Im running the latest from RH however i would like to apply grsecurity if possible. Anyone have a howto on doing this without hosing the system?
     
  7. goodmove

    goodmove Well-Known Member

    Joined:
    May 12, 2003
    Messages:
    624
    Likes Received:
    0
    Trophy Points:
    16
    Can you briefly explain how this works and how it hides you from other users?
     
  8. xsenses

    xsenses Well-Known Member

    Joined:
    Aug 29, 2002
    Messages:
    233
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Huntington Beach, Ca
    I am not entirely sure that was why I added the question mark, but who or users shows the user I su -ed from. I will try it from 2 different shells and user to see what it shows, if I can win the battle with apf (it's kicking my a$$ at the moment).
     
  9. xsenses

    xsenses Well-Known Member

    Joined:
    Aug 29, 2002
    Messages:
    233
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Huntington Beach, Ca
    I tested it. Logged in on two different shells/users and can only see the user I su -ed to root with.
     
  10. Danks

    Danks Active Member

    Joined:
    Oct 10, 2001
    Messages:
    25
    Likes Received:
    0
    Trophy Points:
    1
  11. Danks

    Danks Active Member

    Joined:
    Oct 10, 2001
    Messages:
    25
    Likes Received:
    0
    Trophy Points:
    1
    and if you want to apply it yourself just download the latest patch from grsecurity and the latest kernel source, untar it and run patch -p0 < grsecurity....patch
     
  12. goodmove

    goodmove Well-Known Member

    Joined:
    May 12, 2003
    Messages:
    624
    Likes Received:
    0
    Trophy Points:
    16
    What's apf? :confused:
     
  13. xsenses

    xsenses Well-Known Member

    Joined:
    Aug 29, 2002
    Messages:
    233
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Huntington Beach, Ca
    Advanced Policy Firewall:
    http://www.r-fx.net/apf.php

    It is actually really simple to get up and running, I was adding ports to the wrong line :(.
     
Loading...

Share This Page