02-12-2002
There may be an easier way to do this...but this is how I'd do it.
Use last to find the host the user in question is logged in from. Then go to that box and use 'ps' to determine who is telnetting to the box in question. If there is more than one person, The BOFH way would be to kill each process until the user in question mysteriously disappears from the target machine, but you probably dont want to do that. You can probably use a bit of common sense and login times etc to guess. Repeat this process until you reach machine A and the real username.
If the user has logged out it makes it more difficult.
10 More Discussions You Might Find Interesting
1. IP Networking
hi everybody ,
i have a solaris 5.6 box and i want to trace the route on an ip i treid traceroute but soalris 5.6 does not support it ...
is there a command that can be used equivelent to traceroute ?
thanks for your help (2 Replies)
Discussion started by: ppass
2 Replies
2. Shell Programming and Scripting
Does anyone know if there is a util out there to run through a shell script and be able to trace the function call tree. I have inherited some code and the original author was ****mad**** keen on functions - even ones called only once!
If anyone knows of anything I would appreciate it - web... (3 Replies)
Discussion started by: ajcannon
3 Replies
3. UNIX for Dummies Questions & Answers
Can someone help me with commands to trace DHCP on an HP_UX box?
Thanks! (0 Replies)
Discussion started by: nuGuy
0 Replies
4. HP-UX
Hi,
Last day, In one of our unix boxes there was an issue wherein few of the directory structures were missing / got deleted.
Is there any way by which we can find how it happened, I mean by going through syslog / which user had run what command?
Thanks for your help (3 Replies)
Discussion started by: vivek_damodaran
3 Replies
5. HP-UX
on HP-Unix how can i trace user for example "xxx999" ? (4 Replies)
Discussion started by: salhoub
4 Replies
6. Shell Programming and Scripting
Hi
I am working in ksh and getting the trace after trying to remove the file which in some cases does not exist:
$ my_script
loadfirm.dta.master: No such file or directory
The code inside the script which produces this trace is the following:
] || rm ${FILE}.master >> /dev/null
for... (3 Replies)
Discussion started by: aoussenko
3 Replies
7. Solaris
Hi
I would like to display only error messages from my log files while monotring application on my solaris box using tail command.
Is there other way we can monitor please let me know?
In general # tail -f "xyz.log' ---> this will display current activity of the logs, instead i would like... (4 Replies)
Discussion started by: gkrishnag
4 Replies
8. UNIX for Dummies Questions & Answers
Hi,
I am an oracle DBA pretty new to unix. We had one of the filesystems full and a colleague cleared some stuffs to create more space. I just checked now and found there is now more space available. How do i find exactly what he cleared? We have oracle database installed and its a RAC... (4 Replies)
Discussion started by: dollypee
4 Replies
9. Shell Programming and Scripting
Hi All
Thought it would be kind of fun to implement a stack trace for a shell script that calls functions within a sub shell. This is for bash under Linux and probably not portable -
#! /bin/bash
error_exit()
{
echo "======================="
echo $1
echo... (4 Replies)
Discussion started by: steadyonabix
4 Replies
10. AIX
Hi,
is it possible to trace everything about user that changes from its own user to root user, failed and successful attempts (I would need user and IP address of user that was trying to do that)?
I tried adding auth.notice and auth.info in syslog.conf but it only tracks user withoud IP... (6 Replies)
Discussion started by: sprehodec
6 Replies
LEARN ABOUT SUNOS
ftpusers
ftpusers(4) ftpusers(4)
NAME
ftpusers - file listing users to be disallowed ftp login privileges
SYNOPSIS
/etc/ftpd/ftpusers
The ftpusers file lists users for whom ftp login privileges are disallowed. Each ftpuser entry is a single line of the form:
name
where name is the user's login name.
The FTP Server, in.ftpd(1M), reads the ftpusers file. If the login name of the user matches one of the entries listed, it rejects the login
attempt.
The ftpusers file has the following default configuration entries:
root
daemon
bin
sys
adm
lp
uccp
nuucp
smmsp
listen
nobody
noaccess
nobody4
These entries match the default instantiated entries from passwd(4). The list of default entries typically contains the superuser root and
other administrative and system application identities.
The root entry is included in the ftpusers file as a security measure since the default policy is to disallow remote logins for this iden-
tity. This policy is also set in the default value of the CONSOLE entry in the /etc/default/login file. See login(1). If you allow root
login privileges by deleting the root entry in ftpusers, you should also modify the security policy in /etc/default/login to reflect the
site security policy for remote login access by root.
Other default entries are administrative identities that are typically assumed by system applications but never used for local or remote
login, for example sys and nobody. Since these entries do not have a valid password field instantiated in shadow(4), no login can be per-
formed.
If a site adds similar administrative or system application identities in passwd(4) and shadow(4), for example, majordomo, the site should
consider including them in the ftpusers file for a consistent security policy.
Lines that begin with # are treated as comment lines and are ignored.
/etc/ftpd/ftpusers A file that lists users for whom ftp login privileges are disallowed.
/etc/ftpusers See /etc/ftpd/ftpusers. This file is deprecated, although its use is still supported.
/etc/default/login
/etc/passwd password file
/etc/shadow shadow password file
See attributes(5) for descriptions of the following attributes:
+-----------------------------+-----------------------------+
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
+-----------------------------+-----------------------------+
|Availability |SUNWftpr |
+-----------------------------+-----------------------------+
|Interface Stability |External |
| | |
| /etc/ftpd/ftpusers | |
+-----------------------------+-----------------------------+
|Interface Stability |Obsolete |
| | |
| /etc/ftpusers | |
+-----------------------------+-----------------------------+
login(1), in.ftpd(1M), ftpaccess(4), ftphosts(4), passwd(4), shadow(4), attributes(5), environ(5)
1 May 2003 ftpusers(4)