01-16-2002
OK, I'm trying to get this straight:
You have a user on your machine that is cracking accounts on other machines. You would like to limit where this user can go?
Frankly, I would eject this user right away! She is a liability to you and your organization. The first way I could think of, would be to use groups to allow execution of any client binary you want him away from (telnet, rlogin, ssh, etc...) by only that group. Add other users to that group, but disclude him from that group, so he can't even use them. Don't forget to remove access for compilers, ftp (inbound), perl, and even certain shells. (For example, some shells can communicate via a psuedo-device "/dev/tcp/host/port" that may allow some access....).
Best advice, rm -r /home/userdir... get rid of the punk.
10 More Discussions You Might Find Interesting
1. UNIX for Advanced & Expert Users
hi,
i have in my /etc/group an unix group full.
i need to add new user in this group.
users need to have the same gid and the same name...
is it possible ?
can i create a concatenation with an other group or something else ?
thx (1 Reply)
Discussion started by: farzolito
1 Replies
2. UNIX for Dummies Questions & Answers
I have installed vnc on my computer but do not want every one to be able to incite a vncserver
how can I limit users of the vncserver command to only a specifc group? (1 Reply)
Discussion started by: macdonto
1 Replies
3. UNIX for Dummies Questions & Answers
I'm setting up a file server for users. Does anyone know how I can limit each users directory to 500MB?
--------------
Runing Solaris 8 (3 Replies)
Discussion started by: merlin
3 Replies
4. SCO
Hello Every One. :D
Can any 1 tell how to configure unix so that only specified IP's can connect to that machine using telnet. :rolleyes: I guess there is also sum stratgy to limit it by time. such as from 9 a.m to 5 p.m. :eek:
This is imp 4 me. plz help
Thanks
Shaikh Naveed
Islamabad.... (5 Replies)
Discussion started by: shaikh.naveed
5 Replies
5. AIX
Trying to limit 1 login per account...
Setup:
We have 2 auth logins, one to the AIX (telnet)then into a distribution mgmt software, the users do not have a shell to log into on the AIX itself, so placing a script such as:
active=`who | awk '{printf",%s,\n",$1}' | grep ,$LOGNAME, | wc -l`
... (0 Replies)
Discussion started by: pheusion
0 Replies
6. Shell Programming and Scripting
hello, i'm trying to figure out a way to limit the output from an SQL query that is counting the number of occurances of a value in a field and the problem is when i run this query against a huge file with many unique values the output is pretty huge.
Is there a way i can specifically LIMIT the... (2 Replies)
Discussion started by: bobk544
2 Replies
7. Shell Programming and Scripting
I am doing an ftp of around 1010 files and I am using mput for this. For some reason its only transferring 10 or 20 files and the rest are
not getting transferred. There is some socket error in the log. is there an issue if we have more than 50 or so files for mput.
here is the o/p in the log... (2 Replies)
Discussion started by: dsravan
2 Replies
8. Solaris
Hi all, I'm using to Solaris machine. When I run a simple script this messenger come out:"limit: stacksize: Can't remove limit". Any one know the way to resolve this problem without reboot the machine?
Thanks in advance. (3 Replies)
Discussion started by: Diabolist9
3 Replies
9. Solaris
Hi,
I can able to view the limit of ARG_MAX ENV variable using the command:
getconf ARG_MAX
can we modify the value of ARG_MAX somewhere or is that common value depending upon the version of kernel ? (1 Reply)
Discussion started by: penqueen
1 Replies
10. UNIX for Dummies Questions & Answers
// AIX 6.1 & Power 7 server
I have maxuproc set to 16384.
lsattr -El sys0 -a maxuproc
maxuproc 16384 Maximum number of PROCESSES allowed per user True
What is the maximum number of maxuproc we can go for?
If I increase maxuproc to the higher number, what would be ramifications?
I... (1 Reply)
Discussion started by: Daniel Gate
1 Replies
LEARN ABOUT ULTRIX
netgroup
netgroup(5yp) netgroup(5yp)
Name
netgroup - list of network groups
Description
The file defines network-wide groups used for permission checking when doing remote mounts, remote logins, and remote shells. For remote
mounts, the information in the file is used to classify machines; for remote logins and remote shells, it is used to classify users. Each
line of the file defines a group and has the following format:
groupname member1,...,member_n
Each member is either another group name or a combination of the host name, user name, and domain name.
Any of the three fields can be empty, in which case a wildcard is assumed. For example, to define a group to which everyone belongs, the
following entry could appear in the file:
universal (,,)
Field names that begin with something other than a letter, digit, or underscore (such as ``-'') work in the opposite way. For example:
justmachines (analytica,-,suez)
justpeople (-,babbage,suez)
The machine analytica belongs to the group justmachines in the domain suez, but no users belong to it. Similarly, the user babbage belongs
to the group justpeople in the domain suez, but no machines belong to it.
Network groups are part of the Yellow Pages data base and are accessed through these files:
/etc/yp/domainname/netgroup.dir
/etc/yp/domainname/netgroup.pag
/etc/yp/domainname/netgroup.byuser.dir
/etc/yp/domainname/netgroup.byuser.pag
/etc/yp/domainname/netgroup.byhost.dir
/etc/yp/domainname/netgroup.byhost.pag
These files can be created from using
Files
/etc/netgroup
/etc/yp/domainname/netgroup.dir
/etc/yp/domainname/netgroup.pag
/etc/yp/domainname/netgroup.byuser.dir
/etc/yp/domainname/netgroup.byuser.pag
/etc/yp/domainname/netgroup.byhost.dir
/etc/yp/domainname/netgroup.byhost.pag
See Also
getnetgrent(3yp), makedbm(8yp), ypserv(8yp)
netgroup(5yp)