Parsing bash_history and inputting into mysql (Intrusion Detection)
William Park
opengeometry at yahoo.ca
Fri May 20 22:42:19 EDT 2005
sreekanth.hari at gmail.com wrote:
> I have a seemingly tough assignment for my Senior Project. I need to
> develop an Intrusion Detection System.
>
> My approach is to parse the bash_history file of each user into a mysql
> database, assign a threshold for commands or sequences of commands and
> then alert the admin of nethin fishy is found.
~/.bash_history is written when Bash exits. Try
history -c
exit
and see what happens.
>
> My advisor reccomended I use python for writing the scripts.
>
> I am absolutely new to python and have no prior experience in it. That
> said
>
> Could any one tell me how exactly to go abt all this?
>
> Any tools or code that would make my life easier?
>
> Suggestions (which modules to use etc) ?
--
William Park <opengeometry at yahoo.ca>, Toronto, Canada
ThinFlash: Linux thin-client on USB key (flash) drive
http://home.eol.ca/~parkw/thinflash.html
More information about the Python-list
mailing list