HPE Community
Operating System - HP-UX
1833285 Members
3062 Online
110051 Solutions
New Discussion

FTP log

 
Wendy_9
Frequent Advisor

‎07-23-2003 01:19 AM

‎07-23-2003 01:19 AM

FTP log

Hi,

Apart from syslog.log, does anyone know that there is any log recorded the unsuccessful and successful ftp login which can show the IP and username.

Regards,
Wendy
0 Kudos
Reply
9 REPLIES 9
twang
Honored Contributor

‎07-23-2003 01:29 AM

‎07-23-2003 01:29 AM

Re: FTP log

For successful ftp login :
# last |grep ftp
0 Kudos
Reply
Tony Constantine
Frequent Advisor

‎07-23-2003 01:40 AM

‎07-23-2003 01:40 AM

Re: FTP log

syslog.log is the only log where ftp details could be recorded - IF it is switched on in /etc/inetd.conf (ftpd -Lv)

The only other possibility is if someone has modified /etc/syslog.conf to redirect ftp logs to a different file than syslog, eg;

local5.info;mail.none /var/adm/syslog/ftp.log

In this case ftp messages dont go to syslog but to ftp.log.
0 Kudos
Reply
Alexander M. Ermes
Honored Contributor

‎07-23-2003 01:44 AM

‎07-23-2003 01:44 AM

Re: FTP log

Hi Wendy.
Yes, there is.
If you configure your inetd in /etc/inetd.conf.
You should find a line starting with ftp.

ftp stream tcp nowait root /usr/lbin/ftpd ftpd -l -u 022 -i -o -B8

-l means logging into /var/adm/syslog/syslog.log.

-u gives you the umask for the creation of a file by ftp

-i writes transfers to /var/adm/syslog/xferlog.
This file contains all successfully transfered files.

-B size
Sets the buffer size of the data socket to size
blocks of 1024 bytes. The valid range for size is from 1 to 64.


If you change your ftp line like this, you should have your problem solved. But keep an eye on this file.
It may grow fast.
Rgds
Alexander M. Ermes
.. and all these memories are going to vanish like tears in the rain! final words from Rutger Hauer in "Blade Runner"
0 Kudos
Reply
Alexander M. Ermes
Honored Contributor

‎07-23-2003 01:46 AM

‎07-23-2003 01:46 AM

Re: FTP log

Sorry, forgot to tell you have to restart the inetd after the change.
Alexander M. Ermes
.. and all these memories are going to vanish like tears in the rain! final words from Rutger Hauer in "Blade Runner"
0 Kudos
Reply
Wendy_9
Frequent Advisor

‎07-23-2003 01:48 AM

‎07-23-2003 01:48 AM

Re: FTP log

Hi,

That means I cannot know the IP of the user that has unsuccessful FTP login.

Is it correct??

Regards,
Wendy
0 Kudos
Reply
Alexander M. Ermes
Honored Contributor

‎07-23-2003 01:54 AM

‎07-23-2003 01:54 AM

Re: FTP log

Hi Wendy.
You can see the ftp logins in /var/adm/syslog/syslog.log .
Only the successful jobs will be logged in /var/adm/syslog/xferlog.

syslog.log :

Jul 23 09:03:29 hpnss-01 ftpd[3815]: FTP LOGIN FROM densswks0035.win.europe.ups.com [10.131.245.57], root


xferlog :

Wed Jul 23 09:05:16 2003 0.880501 densswks0035.win.europe.ups.com 1082794 /opt/cfg2html/hpnss-01.txt b _ o r root ftp 0 * 1058943916 0.000000

Rgds
Alexander M. Ermes
.. and all these memories are going to vanish like tears in the rain! final words from Rutger Hauer in "Blade Runner"
0 Kudos
Reply
Stefan Farrelly
Honored Contributor

‎07-23-2003 01:58 AM

‎07-23-2003 01:58 AM

Re: FTP log

correct
Im from Palmerston North, New Zealand, but somehow ended up in London...
0 Kudos
Reply
Alexander M. Ermes
Honored Contributor

‎07-23-2003 02:11 AM

‎07-23-2003 02:11 AM

Re: FTP log

Wendy,
you should work on your reputation in assigning points.
;-)
Rgds
Alexander M. Ermes
.. and all these memories are going to vanish like tears in the rain! final words from Rutger Hauer in "Blade Runner"
0 Kudos
Reply
twang
Honored Contributor

‎07-23-2003 04:25 AM

‎07-23-2003 04:25 AM

Re: FTP log

Wendy,
Yes, for successful ftp login, you may issue "last |grep ftp". And you may see syslog.log for details.
As i know that no log records unsuccessful ftp login information.

regards
twang
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.