Quote:
Originally Posted by Tux-Idiot
joe@localpub# cat >> .bashrc << EOF
EXPORT REMP="ping -c 10 IP.ADD.RE.SS"
EOF
joe@localpub# source .bashrc
i grep from the ICMP/IPtables log who has pinged me 10 times. i dont even appear in your .bash_history  or parse the ping -c 10 IP.ADD.RE.SS from egress traffic log at startup/shutdown. now you audit. :-p |
Yes i'm going to audit you. I don't think so your command going to run. You are just creating a variable and that too with capital EXPORT which will result into an error:
Code:
EXPORT: command not found
If you replace with following, it will just export REMP but it will not ping anywhere
Code:
export REMP="ping -c 10 google.com"
and whe your command get executed it will get audited 100% here is output:
Audited event
Code:
ping S monk stderr 0.00 secs Wed Apr 30 03:36