Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
The only other party to benefit from an exposed sys_call_table are kernel rootkit developers. To nudge benign developers on to solve problems "the right way" Linus forced some changes a long time ago including shielding the SCT. Asking for help with subverting the kernel to reroute syscalls (regardless of the reason for wanting it), code or library injection, any help with exploiting otherwise can be viewed as a hostile act. As such any help with it needs to be sought outside of Linuxquestions.org. I'm sorry but we're just not that kind of forum.
The only other party to benefit from an exposed sys_call_table are kernel rootkit developers. To nudge benign developers on to solve problems "the right way" Linus forced some changes a long time ago including shielding the SCT. Asking for help with subverting the kernel to reroute syscalls (regardless of the reason for wanting it), code or library injection, any help with exploiting otherwise can be viewed as a hostile act. As such any help with it needs to be sought outside of Linuxquestions.org. I'm sorry but we're just not that kind of forum.
I understand your reasons but I am sure that my project is legal!
What I try to do is, creating a kernel based keylogger (I am sysadm) with which help I can see what the users are doing on my system.
Of course I know that it might not be legal without warning the users, so I changed the SSH message to be something like: "Keep in mind that this system logs your every commands and key strokes! If you do not accept this terms, please log off"
So I guess my actions are ethically correct and legal!
I hope you do understand it!
Evinp, the main point here is that LQ is simply not the right place to get help writing these type of programs. What you're trying to do might be legal, but our members would still be violating the spirit of the LQ Rules if they were to help you with this. As such, I'm closing this thread.
What I try to do is, creating a kernel based keylogger
Ah, so that is what
Quote:
Originally Posted by Evinp
~/Desktop/Vorträge/kernel-exp/
suggests. I always thought "Vorträge" meant presentations. Anyway, keyloggers exist so why create one. Besides, and more importantly, there are other tried and true ways to track users: search this forum for threads about satisfying logging requirements as per PCI-DSS. Read a few of them and then open up a thread if you want to discuss approach or details.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.