[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ale] Logs

Subject: [ale] Logs
From: gnies at Lanier.COM (George Nies)
Date: Wed, 24 Jul 1996 19:17:24 -0400 (EDT)

> 
> 
> 	Is there a way to determine the IP addresses to which users on a 
> linux machine have telneted from?  I have checked the /var/adm/lastlog 
> which would seem to be a good place to put it but the file does not seem 
> to be in a text format.  How can i find the IP addresses of users that 
> telnet to my machine?
> 
> 
> 						-Tim	

Assuming you installed slackware, you are running a package called
TCP Wrappers.  A quick look at /etc/inetd.conf will tell you.

# sample lines from /etc/inetd.conf
ftp     stream  tcp     nowait  root    /usr/sbin/tcpd  /usr/sbin/wu.ftpd
telnet  stream  tcp     nowait  root    /usr/sbin/tcpd  /usr/sbin/in.telnetd
# end sample

tcpd logs incomming connections through syslogd.
check out /var/adm/messages for lines like:

Jul 24 17:24:50 yourhostname in.telnetd[31189]: connect from foo.fee.org
for telnet,
Jul 24 17:23:50 yourhostname in.rlogind[31184]: connect from foo.fee.org
for rlogin,
Jul 24 17:23:50 yourhostname in.rshd[31184]: connect from foo.fee.org
for rsh.



	-George

Prev by Date: [ale] Logs
Next by Date: [ale] Linux System from the Ground up.
Previous by thread: [ale] Logs
Next by thread: [ale] Linux System from the Ground up.
Index(es):
- Date
- Thread