- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- Re: track rlogin,remsh,rcmd
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО09-15-2009 09:37 PM
тАО09-15-2009 09:37 PM
Re: track rlogin,remsh,rcmd
inetd -l is tracing the connection source.
but not telling which user initiated it.
how to find the user pls.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО09-15-2009 09:48 PM
тАО09-15-2009 09:48 PM
Re: track rlogin,remsh,rcmd
You can check your syslog.log file
Suraj
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО09-16-2009 05:18 AM
тАО09-16-2009 05:18 AM
Re: track rlogin,remsh,rcmd
Run the "last" command to get a list of logins by time & username. When you find a login time that matches the time of the rlogin use (with an accuracy of about +/- 1 second), you'll know the name of the user account that was accessed with rlogin.
If you have assigned personal user accounts to each user, the name of the user account should normally be enough to identify the user.
If you have user accounts that are used by multiple users, you may have to examine the logs of each rlogin client machine to find out who was using them at the time rlogin was used. (And you will also understand by experience why security auditors say that multi-user accounts are a bad thing.)
MK
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО09-16-2009 07:09 AM
тАО09-16-2009 07:09 AM
Re: track rlogin,remsh,rcmd
Is there a way to find the connections initiated from the server.
inetd -l is showing only the ones coming to the server.
thanks.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО09-16-2009 07:26 AM
тАО09-16-2009 07:26 AM
Re: track rlogin,remsh,rcmd
UNIX because I majored in cryptology...
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО09-16-2009 08:49 AM
тАО09-16-2009 08:49 AM
Re: track rlogin,remsh,rcmd
I close the thread here.
- « Previous
-
- 1
- 2
- Next »