HPE Community
Operating System - HP-UX
1752714 Members
6010 Online
108789 Solutions
New Discussion

Can I find IP of the person who is logging as ROOT

 
expertone
Advisor

‎08-01-2013 03:46 AM - last edited on ‎08-04-2013 10:31 PM by

‎08-01-2013 03:46 AM - last edited on ‎08-04-2013 10:31 PM by

Can I find IP of the person who is logging as ROOT

I have root acess to the server and other persons also do have.

 

We all loggin though our Login Id and Password. No one is using the root LOGIN ID and PASSWORD.

 

But in my logs what i found is some one is logging with the ROOT id, Now what I want is to find its ip.

Means the IP of the person who is logging as root.

 

So can any body tell me is there any way to find out. I know the root PASSWORD but I want to find out the person's ip, who is logging as root.

 

 

Thanks and regard

Ashish

 

 

P.S. This thread has been moved from Servers > General to HP-UX > sysadmin.

-HP Forum Moderator

 

0 Kudos
Reply
5 REPLIES 5
Jimmy Vance
HPE Pro

‎08-01-2013 04:17 AM

‎08-01-2013 04:17 AM

Re: Can I find IP of the person who is logging as ROOT

try using "last" as it shows a listing of the last logged in users and their IP/hostnames. 

No support by private messages. Please ask the forum! 
0 Kudos
Reply
expertone
Advisor

‎08-01-2013 04:30 AM

‎08-01-2013 04:30 AM

Re: Can I find IP of the person who is logging as ROOT

I am not able to use last command, It is showing following errors.

 

#
# last -R
Invalid record size. Unable to continue ...

 

#
# last
Invalid record size. Unable to continue ...

 

what to do now.

 

 

 

Thanks and regard

Ashish

 

0 Kudos
Reply
Dennis Handly
Acclaimed Contributor

‎08-01-2013 08:56 PM

‎08-01-2013 08:56 PM

Re: Can I find IP of the person who is logging as ROOT

>Invalid record size. Unable to continue ...
>what to do now?

 

What OS version are you using?

0 Kudos
Reply
expertone
Advisor

‎08-02-2013 04:39 AM

‎08-02-2013 04:39 AM

Re: Can I find IP of the person who is logging as ROOT

its hp ux 11 iv3
0 Kudos
Reply
Dennis Handly
Acclaimed Contributor

‎08-02-2013 01:00 PM - edited ‎08-02-2013 01:02 PM

‎08-02-2013 01:00 PM - edited ‎08-02-2013 01:02 PM

Re: Can I find IP of the person who is logging as ROOT

You have a corrupt wtmps file.  How much time are you willing to spend to fix it?

See my posts in:

http://h30499.www3.hp.com/t5/System-Administration/decode-contents-of-wtmp-file/m-p/5569517

http://h30499.www3.hp.com/t5/System-Administration-Knowledge/Decoding-contents-of-wtmp-file/ta-p/5582753

 

Also, is anyone using su or sudo to switch to root?  There are separate logs for that.

0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.