- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- Logging telnet/ssh sessions on non-trusted systems
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Forums
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-18-2006 03:24 AM
07-18-2006 03:24 AM
Does anyone know of any scripts or applications that will perform this?
Thanks for any and all replies.
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-18-2006 03:28 AM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-18-2006 03:29 AM
07-18-2006 03:29 AM
Re: Logging telnet/ssh sessions on non-trusted systems
Create (touch) '/var/adm/wtmp' to log successful logins. Create (touch) '/var/adm/btmp' to track unsuccessful logins. Both files should be owned by 'root' and writeable only by root.
In the case of the 'btmp' file, do *not* confer read privileges to other than root. To do so may expose password or other sensitive information to non-privileged users.
In addition to the 'wtmp' and 'btmp' files which can be examined with 'last' and 'lastb' respectively, you should also examine the switch-user ('su') log:
# /var/adm/sulog
You will see entries that look like:
SU 07/17 11:00 - ttyp3 jrf-root
SU 07/17 11:01 + ttyp3 jrf-root
...a "-" indicates failure; a "+" signals success. The direction of the switch is shown as the last field.
See the manpages foor 'last(1)' for more information.
Regards!
...JRF...
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-18-2006 04:15 AM
07-18-2006 04:15 AM
Re: Logging telnet/ssh sessions on non-trusted systems
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-21-2006 04:35 AM
07-21-2006 04:35 AM
Re: Logging telnet/ssh sessions on non-trusted systems
It might be overkill for what you need.
http://h20338.www2.hp.com/hpux11i/cache/324806-0-0-0-121.html
Pierre
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-02-2006 01:59 PM
08-02-2006 01:59 PM
Re: Logging telnet/ssh sessions on non-trusted systems
Set export INETD_ARGS="-l" in file /etc/rc.config.d/netdaemons