HPE Community
Operating System - HP-UX
1753962 Members
7728 Online
108811 Solutions
New Discussion юеВ

telenet connections/syslog

 
SOLVED
Go to solution
Loretta Marshall
Occasional Contributor

тАО08-30-2000 10:58 AM

тАО08-30-2000 10:58 AM

telenet connections/syslog

I get this when they use qvtnet but not when they use EWAN.
Aug 30 10:27:43 apollo ftpd[4572]: connection from sub202212.ColState.EDU at Wed
Aug 30 10:27:43 2000
Aug 30 10:27:43 apollo ftpd[4572]: FTP LOGIN FROM sub202212.ColState.EDU, username
Aug 30 10:27:43 apollo ftpd[4572]: PORT
Aug 30 10:27:56 apollo ftpd[4572]: User username logged out
0 Kudos
Reply
8 REPLIES 8
Rita C Workman
Honored Contributor

тАО08-30-2000 11:03 AM

тАО08-30-2000 11:03 AM

Re: telenet connections/syslog

OK...I'm not real familiar with qvtnet, but I remember something about EWAN being a freeware telnet (...maybe..)
It looks like your logging is turned on for inetd. Is that your question? If you want it off you can change your /etc/rc.config.d/netdaemons file and turn off inetd. Then just do a /usr/sbin/inetd -c

But I'm not sure what your question is....
Reply
Loretta Marshall
Occasional Contributor

тАО08-30-2000 11:13 AM

тАО08-30-2000 11:13 AM

Re: telenet connections/syslog

Sorry, my question was from an earlier post. I was asking if
anyone noticed when users connect through qvtnet it would log the
connection in syslog but when using EWAN it would not log anything
in syslog. I would like it to log for either connection. I just assumed it
would log whenever anyone would telenet in.
0 Kudos
Reply
CHRIS ANORUO
Honored Contributor

тАО08-30-2000 11:23 AM

тАО08-30-2000 11:23 AM

Solution

Re: telenet connections/syslog

vi /etc/inetd.conf and at the end of the ftp line add ...ftpd (-lv). It is okay to unhash the line export INETD_ARGS = -l
in /etc/rc.config.d/netdaemons file and reinitialize inetd (inetd -c)
When We Seek To Discover The Best In Others, We Somehow Bring Out The Best In Ourselves.
Reply
Rita C Workman
Honored Contributor

тАО08-30-2000 11:23 AM

тАО08-30-2000 11:23 AM

Re: telenet connections/syslog

I've never tried this, but I was wondering if EWAN comes via a particular port, and then which port it hits.
Since I believe it's telnet software it is probably hitting that port. So you may be able to turn the logging on via /etc/inetd.conf file by putting a -l at the end of the telnet line.
But double check on which port EWAN is hitting....

Just a thought,
0 Kudos
Reply
Loretta Marshall
Occasional Contributor

тАО08-30-2000 12:04 PM

тАО08-30-2000 12:04 PM

Re: telenet connections/syslog

Okay, well I did the following and was still unsuccessful:

changed /etc/inetd.conf - added ftpd -lv
/etc/rc.config.d/netdaemons INETD_ARGS = -l

even tried the -l at the end of the telnet line - and got a strange error when logging in.
0 Kudos
Reply
CHRIS ANORUO
Honored Contributor

тАО08-31-2000 02:12 AM

тАО08-31-2000 02:12 AM

Re: telenet connections/syslog

lORETTA,

DON'T USE -L IN FRONT OF THE TELNET LINE IN /ETC/INETD.CONF.
YOU CAN USE (-b /etc/issue) FOR MESSAGE AND SECURITY
When We Seek To Discover The Best In Others, We Somehow Bring Out The Best In Ourselves.
0 Kudos
Reply
CHRIS ANORUO
Honored Contributor

тАО08-31-2000 02:12 AM

тАО08-31-2000 02:12 AM

Re: telenet connections/syslog

LORETTA,

DON'T USE -L IN FRONT OF THE TELNET LINE IN /ETC/INETD.CONF.
YOU CAN USE (-b /etc/issue) FOR MESSAGE AND SECURITY
When We Seek To Discover The Best In Others, We Somehow Bring Out The Best In Ourselves.
0 Kudos
Reply
Tim Malnati
Honored Contributor

тАО08-31-2000 06:31 AM

тАО08-31-2000 06:31 AM

Re: telenet connections/syslog

Hopefully I can reduce some of the confusion here. Your initial post indicated that both qvtnet and EWAN were entering the machine via telnet. It is clear from your syslog entries that qvtnet is connecting via ftp instead. You appear to be logging the way you want on ftp just fine, so don't adjust it.

It appears that what you really want is user accounting. The preferred method is by using the wtmp and btmp accounting files. This can be done easily by simply creating these files with 'touch /var/adm/wtmp' and 'touch /var/adm/btmp'. Keep an eye on these files where they will grow. The internal formatting of the utmp, wtmp, and btmp files will consume a lot less space than narritive lines in syslog though. Use the fwtmp command to convert the contents of these files for report output, etc.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.