Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Trace connections
Top Forums UNIX for Advanced & Expert Users Trace connections Post 15295 by cejoe on Tuesday 12th of February 2002 05:35:38 PM
Old 02-12-2002
There may be an easier way to do this...but this is how I'd do it.
Use last to find the host the user in question is logged in from. Then go to that box and use 'ps' to determine who is telnetting to the box in question. If there is more than one person, The BOFH way would be to kill each process until the user in question mysteriously disappears from the target machine, but you probably dont want to do that. You can probably use a bit of common sense and login times etc to guess. Repeat this process until you reach machine A and the real username.

If the user has logged out it makes it more difficult.
 

10 More Discussions You Might Find Interesting

1. IP Networking

trace route ip

hi everybody , i have a solaris 5.6 box and i want to trace the route on an ip i treid traceroute but soalris 5.6 does not support it ... is there a command that can be used equivelent to traceroute ? thanks for your help (2 Replies)
Discussion started by: ppass
2 Replies

2. Shell Programming and Scripting

Function Trace

Does anyone know if there is a util out there to run through a shell script and be able to trace the function call tree. I have inherited some code and the original author was ****mad**** keen on functions - even ones called only once! If anyone knows of anything I would appreciate it - web... (3 Replies)
Discussion started by: ajcannon
3 Replies

3. UNIX for Dummies Questions & Answers

Trace DHCP - Help!

Can someone help me with commands to trace DHCP on an HP_UX box? Thanks! (0 Replies)
Discussion started by: nuGuy
0 Replies

4. HP-UX

how to trace the logs

Hi, Last day, In one of our unix boxes there was an issue wherein few of the directory structures were missing / got deleted. Is there any way by which we can find how it happened, I mean by going through syslog / which user had run what command? Thanks for your help (3 Replies)
Discussion started by: vivek_damodaran
3 Replies

5. HP-UX

How to trace a user

on HP-Unix how can i trace user for example "xxx999" ? (4 Replies)
Discussion started by: salhoub
4 Replies

6. Shell Programming and Scripting

how to supress the trace

Hi I am working in ksh and getting the trace after trying to remove the file which in some cases does not exist: $ my_script loadfirm.dta.master: No such file or directory The code inside the script which produces this trace is the following: ] || rm ${FILE}.master >> /dev/null for... (3 Replies)
Discussion started by: aoussenko
3 Replies

7. Solaris

Log Trace

Hi I would like to display only error messages from my log files while monotring application on my solaris box using tail command. Is there other way we can monitor please let me know? In general # tail -f "xyz.log' ---> this will display current activity of the logs, instead i would like... (4 Replies)
Discussion started by: gkrishnag
4 Replies

8. UNIX for Dummies Questions & Answers

Help with trace file

Hi, I am an oracle DBA pretty new to unix. We had one of the filesystems full and a colleague cleared some stuffs to create more space. I just checked now and found there is now more space available. How do i find exactly what he cleared? We have oracle database installed and its a RAC... (4 Replies)
Discussion started by: dollypee
4 Replies

9. Shell Programming and Scripting

Stack Trace

Hi All Thought it would be kind of fun to implement a stack trace for a shell script that calls functions within a sub shell. This is for bash under Linux and probably not portable - #! /bin/bash error_exit() { echo "=======================" echo $1 echo... (4 Replies)
Discussion started by: steadyonabix
4 Replies

10. AIX

Trace su to root

Hi, is it possible to trace everything about user that changes from its own user to root user, failed and successful attempts (I would need user and IP address of user that was trying to do that)? I tried adding auth.notice and auth.info in syslog.conf but it only tracks user withoud IP... (6 Replies)
Discussion started by: sprehodec
6 Replies

LEARN ABOUT SUNOS

ftpusers

ftpusers(4)															       ftpusers(4)

NAME

       ftpusers - file listing users to be disallowed ftp login privileges

SYNOPSIS

       /etc/ftpd/ftpusers

       The ftpusers file lists users for whom ftp login privileges are disallowed. Each ftpuser entry is a single line of the form:

       name

       where name is the user's login name.

       The FTP Server, in.ftpd(1M), reads the ftpusers file. If the login name of the user matches one of the entries listed, it rejects the login
       attempt.

       The ftpusers file has the following default configuration entries:

       root
       daemon
       bin
       sys
       adm
       lp
       uccp
       nuucp
       smmsp
       listen
       nobody
       noaccess
       nobody4

       These entries match the default instantiated entries from passwd(4). The list of default entries typically contains the superuser root  and
       other administrative and system application identities.

       The  root entry is included in the ftpusers file as a security measure since the default policy is to disallow remote logins for this iden-
       tity. This policy is also set in the default value of the CONSOLE entry in the /etc/default/login file. See login(1).  If  you  allow  root
       login  privileges  by  deleting the root entry in ftpusers, you should also modify the security policy in /etc/default/login to reflect the
       site security policy for remote login access by root.

       Other default entries are administrative identities that are typically assumed by system applications but never used for  local	or  remote
       login,  for  example sys and nobody. Since these entries do not have a valid password field instantiated in shadow(4), no login can be per-
       formed.

       If a site adds similar administrative or system application identities in passwd(4) and shadow(4), for example, majordomo, the site  should
       consider including them in the ftpusers file for a consistent security policy.

       Lines that begin with # are treated as comment lines and are ignored.

       /etc/ftpd/ftpusers	A file that lists users for whom ftp login privileges are disallowed.

       /etc/ftpusers	       See /etc/ftpd/ftpusers. This file is deprecated, although its use is still supported.

       /etc/default/login

       /etc/passwd	       password file

       /etc/shadow	       shadow password file

       See attributes(5) for descriptions of the following attributes:

       +-----------------------------+-----------------------------+
       |      ATTRIBUTE TYPE	     |	    ATTRIBUTE VALUE	   |
       +-----------------------------+-----------------------------+
       |Availability		     |SUNWftpr			   |
       +-----------------------------+-----------------------------+
       |Interface Stability	     |External			   |
       |			     |				   |
       | /etc/ftpd/ftpusers	     |				   |
       +-----------------------------+-----------------------------+
       |Interface Stability	     |Obsolete			   |
       |			     |				   |
       | /etc/ftpusers		     |				   |
       +-----------------------------+-----------------------------+

       login(1), in.ftpd(1M), ftpaccess(4), ftphosts(4), passwd(4), shadow(4), attributes(5), environ(5)

								    1 May 2003							       ftpusers(4)
All times are GMT -4. The time now is 06:15 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy