Hello Experts,
Happy New Year to all of us,

In AIX 4.3.3 I am trying to figure out how is possible to find out the IP address that a telnet session - user uses to login in to host machine. My objective is by finding the login IP address to allow the user to login or not.

All users uses the same .profile

I am trying to get information using the gethostbyaddr or gethostbyname functions.

Which value to I have to pass ftom .profile to the .c program such that provide the gethostbyaddr/gethostbyname with the right argument. In other words how I can pass from the .profile to .c program the IP address that is trying to log in.

Thanks in Advanced

The gethostbyaddr returns a pointer to a hostent structure, which contains information obtained from one of the name resolutions services. The hostent structure is defined in the netdb.h file. Aka u can get the hostname of the connection, provided you know the ip address.

I dont get if the tcp server accepting connections is your program or it is any standard tcp server. If it is yours, then the listen(),accept() and inet_addr() will provide you with the ip address of the connection. If you dont know how it is done, this is it: Use first the socket(), then bind(), listen(),accept(),read(),close(),unlink(). Look for further details in your sockets reference manual in AIX.

If server is not yours, you can use the /etc/hosts.equiv file. I also dont get where the .profile gets involved.

Search the forums for the utilility lsof .... this utility compiles on many platforms and does wonders for understanding and seeing the relationship of processes to open files descriptor and sockets.. plus much more!!!

I tried this objective in SCO Unix with few lines scripting in .profile file:

for IP in `cat IPFile`
do
finger -fb | grep $IP > /dev/null
if [ $? -eq 0 ]
then
echo "You Are Not Allowed To Use Telnet Session In My System"
exit
fi
done


The IPFile contains all the IP's and hosts name in singular line format entry.

I still dont get it. why dont u use /etc/hosts.equiv in AIX. Note that if u use your script, .profile can be bypassed.

The main problem with /etc/hosts.equiv is that it is a VERY bad security hole.

By using IP spoofing, anyone can break into your system. There are other good ways to check the users when the login.

If someone can login as one of your users via /etc/hosts.equiv that could be very dangerous.

Is /etc/securetty an option?

Yes, but I assumed it was a local environment or something to use such a script. If it is public, then I guess he has to move to something more sophisticated like using firewalls. You can also download openssh for AIX that provides a good level of security, check http://freeware.bull.net. If more security is needed TCB should be considered.

Greetings Theodore