HPE Community
Operating System - HP-UX
1830077 Members
1823 Online
109998 Solutions
New Discussion

How to trace rlogin users

 
SOLVED
Go to solution
ashan
Advisor

‎06-08-2003 05:07 PM

‎06-08-2003 05:07 PM

How to trace rlogin users

Hi, how do I trace rlogin users.When I grep
for syslog.log I cant get more info.

Regards

Ashan
0 Kudos
Reply
8 REPLIES 8
Chris Wilshaw
Honored Contributor

‎06-08-2003 05:52 PM

‎06-08-2003 05:52 PM

Re: How to trace rlogin users

If you use

last -R

that will show you the name/ip address of the machine that they connected from.
0 Kudos
Reply
suki
Frequent Advisor

‎06-08-2003 06:09 PM

‎06-08-2003 06:09 PM

Re: How to trace rlogin users

Hi ,
You can get all the info related with who are the persons logged in and what are the interfaces they used to connect by issueing
#last -R
If provided you have a valid /var/adm/wtmp file.

-suki
0 Kudos
Reply
Steven E. Protter
Exalted Contributor

‎06-08-2003 07:29 PM

‎06-08-2003 07:29 PM

Re: How to trace rlogin users

In addition to the information provided above if you have the -l logging option in your /etc/inetd.conf file you will see a log of all rlogin entries in your /var/adm/syslog/syslog.log file.

With Secure shell being free however, there is probably not a good reason not to dump the insecure Berkely protocols and go with ssh.

There are plenty of posts in my name showing how easy it is to upgrade and get the same functionality.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Reply
ashan
Advisor

‎06-08-2003 09:07 PM

‎06-08-2003 09:07 PM

Re: How to trace rlogin users

Hi SEP,

how to add in the /etc/inetd.conf

give a example please.

Regards

Ashan

0 Kudos
Reply
V.Tamilvanan
Honored Contributor

‎06-08-2003 09:57 PM

‎06-08-2003 09:57 PM

Re: How to trace rlogin users

Hi,
You can use the logging facility of inetd itself. To enable you need to execute
#/usr/sbin/inetd -l

This command can be executed online.

Whenever a connetion established to your server using inetd services it will be logged in /var/adm/syslog/syslog.log file.

HTH
0 Kudos
Reply
V. V. Ravi Kumar_1
Respected Contributor

‎06-08-2003 10:45 PM

‎06-08-2003 10:45 PM

Solution

Re: How to trace rlogin users

Hi,

Add -l to this line in ur /etc/inetd.conf file.

login stream tcp nowait root /usr/lbin/rlogind rlogind -l

Reread inetd
#inetd -c

This will log to /var/adm/syslog/syslog.log

Regards
Never Say No
Reply
Robert-Jan Goossens
Honored Contributor

‎06-08-2003 10:57 PM

‎06-08-2003 10:57 PM

Re: How to trace rlogin users

Hi Ashan,

Next step could be running accounting.
change START_ACCT to 1 in /etc/rc.config.d/acct
start accounting by running /sbin/init.d/acct start
All users commands are now logged in /var/adm/pacct. You can list commands with the command # lastcomm. By sure that you have enough space in /var.

Hope it helps,

Robert-Jan.


Reply
V. V. Ravi Kumar_1
Respected Contributor

‎06-08-2003 11:13 PM

‎06-08-2003 11:13 PM

Re: How to trace rlogin users

hi,
in my earlier post i think i was wrong, -l to rlogind line in /etc/inetd.conf only limits the normal users expect root to use .rhosts for authentication.

inetd -l will do your work.

sorry for the same.
Regards
Never Say No
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.