Need a keylogging tool
MkIII_Supra
12-03-2004, 03:22 AM
For a Linux system I am building. I have a system I am putting together for my nephew and my sister wants to be able to monitor his activities. I found a ton for Windows but the ones I found for Linux systems... well I have not a clue if they are any good and the documentation is not adequate enough to answer my questions.
What I want is a keylogging tool that I can set up to run anytime the system is booted and to write to a local file that I or my sister can retrieve at our leisure. And I want it so he doesn't know it's even there. The system will be a SuSE 9.2 Pro box.
Thanks
EnigmaOne
12-03-2004, 03:58 AM
Possibly http://sourceforge.net/projects/lkl/ ?
mrBen
12-03-2004, 05:32 AM
You could also go down the hardware route with something like this:
http://www.thinkgeek.com/gadgets/electronic/5a05/
ph34r
12-03-2004, 12:05 PM
Does she really need a keylogger, or do you just want to keep track of websites visited, etc? Would a proxy be better?
(ps - Hey long time no see oldtimer!)
MkIII_Supra
12-04-2004, 01:48 PM
This is a direct request from my sister to me. So I shall oblige. As for the porn sites I am looking into blocking them. That is actually pretty easy. The keylogging is something different. I am not sure what she is after but... women!
(I have been popping in occasionally to check up, but time has not been very abundant so I don't post unless I have to.)
rocketpcguy
12-04-2004, 02:02 PM
sounds exactly like a standard female. ;) trust me, after less than a week she wouldn't bother with all those logs
MkIII_Supra
12-04-2004, 02:15 PM
kick me in the head... I got the darn thing to work, works great but I can't remember where to put the start up entry so it will run at boot time!
Is it here?
/etc/rc.d --> drop a start up script here?
Simple start up script I have planned to put in /etc/rc.d:
#!/bin/bash
# Start keylogger at boot time.
/usr/local/bin/lkl -l -k /usr/local/lkl/keymaps/us_km -o /var/log/lklLog.file
Now technically this should be all I need correct? Or is there another place I should put this?
MkIII_Supra
12-04-2004, 02:38 PM
Okay so I put the simple start up script in the /etc/rc.d folder and it totally messes with the keyboard now. So this is a bust. Any ideas?
DSwain
12-04-2004, 04:22 PM
Ummm I'm not so sure but don't you need to change rc.conf to go ahead and tell it to execute the script on startup or something? I may be mistaken and I've only really dealt with rc on FreeBSD so sorry if I'm mistaken.
MkIII_Supra
12-04-2004, 07:39 PM
I can't remember either. Thing is when I put the script I wrote in the /etc/rc.d directory it works when I reboot, but the keyboard acts all weird or will intermittently stop working. Not sure what is going on.
EnigmaOne
12-04-2004, 08:29 PM
Mike, try dropping that into the appropriate ~/.bashrc file, and see how that gets along for you?
[added]
or at the end of /etc/default/rcS
MkIII_Supra
12-04-2004, 08:30 PM
the user .bashrc? have it run at login time? Okay...
MkIII_Supra
12-04-2004, 08:36 PM
Here is the error message: Have to be root to perform a iopl()!
EnigmaOne
12-04-2004, 08:42 PM
Yeah, like I just added above, maybe /etc/default/rcS might be a better idea.
...at any rate, you want that puppy to initialize after the keymaps are loaded.
[sp]
rocketpcguy
12-05-2004, 12:13 AM
add your lines to /etc/init.d/rc.local
MkIII_Supra
12-05-2004, 12:28 PM
I don't have /etc/init.d/rc.local!
I did a complete search of my system and no rc.local. This is a SuSE 9.2 LSB compliant box. So now what?
And thanks for the help so far folks! It is greatly appreciated!!
psi42
12-05-2004, 01:25 PM
Originally posted by MkIII_Supra
I don't have /etc/init.d/rc.local!
I did a complete search of my system and no rc.local. This is a SuSE 9.2 LSB compliant box. So now what?
And thanks for the help so far folks! It is greatly appreciated!!
What is in /etc/init.d then?
bwkaz
12-05-2004, 03:05 PM
Originally posted by psi42
What is in /etc/init.d then?
Or /etc/rc.d/init.d -- some distros put it there.
MkIII_Supra
12-07-2004, 12:33 PM
/etc/rc.d
/etc/init.d
And this is what I see in them
John: ls
acpid boot.isapnp boot.swap lirc powerfail reboot snmpd
alsasound boot.klog boot.sysctl Makefile powersaved resmgr spamd
atd boot.ldconfig boot.udev mdadmd powertweakd rpasswdd splash
autofs boot.loadmodules cron microcode ptal rpmconfigcheck splash_early
autoyast boot.local cups network random rsyncd sshd
bluetooth boot.localfs esound nfs raw running-kernel SuSEfirewall2_final
boot boot.localnet fbset nfsboot rc sane SuSEfirewall2_init
boot.clock boot.md gpm nfsserver rc0.d saslauthd SuSEfirewall2_setup
boot.coldplug boot.pnet halt nmb rc1.d setserial syslog
boot.crypto boot.proc halt.local nscd rc2.d single vmware
boot.d boot.restore_permissions hwscan ntop rc3.d skeleton winbind
boot.device-mapper boot.rootfsck irda openct rc4.d slmodemd xdm
boot.evms boot.sched isdn pcmcia rc5.d slpd xfs
boot.hotplug boot.scpm joystick pcscd rc6.d smb xinetd
boot.idedma boot.scsidev kbd portmap rcS.d smbfs xntpd
boot.ipconfig boot.shm ksysguardd postfix README smpppd ypbind
John: pwd
/etc/init.d
John:
MkIII_Supra
12-07-2004, 12:44 PM
I am looking at the boot script in /etc/init.d and /etc/rc.d trying to figure out where the keyboard is initialized, I am thinking that I can insert my Keylogger commands right after that and it should get rid of the weird keyboard behavior I am seeing intermittently. What do you gurus think?
DSwain
12-07-2004, 04:17 PM
Might it be located under boot.d? I would think this would be the next most logical place, and it looks to be a symlink to somewhere so maybe it goes to the right spot?
Scratch that, it's a directory. Either way I'd still look in there to see if that's it.
retsaw
12-07-2004, 04:31 PM
boot.d is a directory, not a symlink, but look in there just in case. Also look at the boot.local file (it looks a likely candidate); if you are supposed to add your own commands to it, it should have a comment to say so.
bwkaz
12-07-2004, 07:59 PM
Otherwise look at the last (in alphanumeric order) symlink in the rc3.d or rc5.d directories (the directory to check depends on what initdefault is set to in /etc/inittab). Whatever file it points to should be the "local" script, but even if not, that file is a decent candidate for adding your keylogger anyway.
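The locations named in this thread (the initdefault line in /etc/inittab, the rcN.d symlinks and boot.local) are also where an administrator reviewing a SysV-init box checks for commands started at boot without the user's knowledge. The script below is an added example, not part of the original thread; the function names, the sample tree and the example-daemon path are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit SysV-init boot persistence under a filesystem root.
# Paths are the ones named in the thread; the sample tree below is constructed.

# Print the default runlevel from the "id:N:initdefault:" line of inittab.
default_runlevel() {
    awk -F: '$1 !~ /^#/ && $3 == "initdefault" { print $2; exit }' "$1/etc/inittab"
}

# Print "link -> target" for the last start link (alphanumeric order) in rcN.d.
last_start_link() {
    dir="$1/etc/init.d/rc$2.d"
    last=$(LC_ALL=C ls "$dir" | grep '^S' | LC_ALL=C sort | tail -n 1)
    if [ -n "$last" ]; then
        echo "$last -> $(readlink "$dir/$last")"
    fi
}

# Print the commands (non-blank, non-comment lines) present in boot.local.
boot_local_commands() {
    grep -v -e '^[[:space:]]*#' -e '^[[:space:]]*$' "$1/etc/init.d/boot.local" || true
}

# Build a small constructed root so the audit can be run offline.
make_sample_root() {
    root=$(mktemp -d)
    mkdir -p "$root/etc/init.d/rc5.d"
    printf '# default runlevel\nid:5:initdefault:\n' > "$root/etc/inittab"
    printf '#! /bin/sh\n# local boot commands\n\n%s\n' \
        '/usr/local/bin/example-daemon --log /var/log/example.log' \
        > "$root/etc/init.d/boot.local"
    ln -s ../syslog "$root/etc/init.d/rc5.d/S12syslog"
    ln -s ../xdm "$root/etc/init.d/rc5.d/S17xdm"
    echo "$root"
}

# Demo run against the constructed tree; pass "" as the root to audit a live system.
r=$(make_sample_root)
rl=$(default_runlevel "$r")
echo "default runlevel: $rl"
echo "last start link:  $(last_start_link "$r" "$rl")"
echo "boot.local commands:"
boot_local_commands "$r"
rm -rf "$r"
```

Any line that boot_local_commands prints on a real system is a command run as root at every boot, so each one should be traceable to a known change.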