所以最近我发现有人在未经同意的情况下使用我的电脑,浏览文件夹等......
I could change all my passwords straight away, but I'm curious as the what the intruding party was looking for. So I would like to set up a trap ( evil grin ).
What software will monitor any activity on my computer? While I know that capturing my screen will work here. I'd rather use a logfile.
For example:
/var/log/activity.log
[1 Aug 2010 20:23] /usr/bin/thunar accessed /multimedia/cctv-records/
[1 Aug 2010 20:25] /usr/bin/mplayer accessed /multimedia/cctv-records/00232.avi
[3 Aug 2010 02:34] /usr/bin/thunderbird …
目前我正在使用以下内容来检查进程实际运行的时间:
ps -eo uid,pid,etime | egrep '^ *MY_ID' | egrep 'PID_OF_PROCESS'
并输出以下内容:
MY_ID PID_OF_PROCESS 00:16
但是,在该过程结束后,我想知道它实际运行了多长时间,但似乎找不到该信息。