Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Trace connections
Top Forums UNIX for Advanced & Expert Users Trace connections Post 15970 by Witlr on Friday 22nd of February 2002 08:18:19 AM
Old 02-22-2002
Lightbulb Telneting in as ROOT is NO NO
From your posting you want to track users who are logging in as Root and what they are doing.

Easiest way is to block root from telneting in from remote connections. Force the users to login as themselves and then "su" over to root. You can then log all su attempts (successful and un-successful) and track the people backwards across the servers.

Basic Security rule is to only allow Root to login from the Console Terminal physically located at the server.
 

10 More Discussions You Might Find Interesting

1. IP Networking

trace route ip

hi everybody , i have a solaris 5.6 box and i want to trace the route on an ip i treid traceroute but soalris 5.6 does not support it ... is there a command that can be used equivelent to traceroute ? thanks for your help (2 Replies)
Discussion started by: ppass
2 Replies

2. Shell Programming and Scripting

Function Trace

Does anyone know if there is a util out there to run through a shell script and be able to trace the function call tree. I have inherited some code and the original author was ****mad**** keen on functions - even ones called only once! If anyone knows of anything I would appreciate it - web... (3 Replies)
Discussion started by: ajcannon
3 Replies

3. UNIX for Dummies Questions & Answers

Trace DHCP - Help!

Can someone help me with commands to trace DHCP on an HP_UX box? Thanks! (0 Replies)
Discussion started by: nuGuy
0 Replies

4. HP-UX

how to trace the logs

Hi, Last day, In one of our unix boxes there was an issue wherein few of the directory structures were missing / got deleted. Is there any way by which we can find how it happened, I mean by going through syslog / which user had run what command? Thanks for your help (3 Replies)
Discussion started by: vivek_damodaran
3 Replies

5. HP-UX

How to trace a user

on HP-Unix how can i trace user for example "xxx999" ? (4 Replies)
Discussion started by: salhoub
4 Replies

6. Shell Programming and Scripting

how to supress the trace

Hi I am working in ksh and getting the trace after trying to remove the file which in some cases does not exist: $ my_script loadfirm.dta.master: No such file or directory The code inside the script which produces this trace is the following: ] || rm ${FILE}.master >> /dev/null for... (3 Replies)
Discussion started by: aoussenko
3 Replies

7. Solaris

Log Trace

Hi I would like to display only error messages from my log files while monotring application on my solaris box using tail command. Is there other way we can monitor please let me know? In general # tail -f "xyz.log' ---> this will display current activity of the logs, instead i would like... (4 Replies)
Discussion started by: gkrishnag
4 Replies

8. UNIX for Dummies Questions & Answers

Help with trace file

Hi, I am an oracle DBA pretty new to unix. We had one of the filesystems full and a colleague cleared some stuffs to create more space. I just checked now and found there is now more space available. How do i find exactly what he cleared? We have oracle database installed and its a RAC... (4 Replies)
Discussion started by: dollypee
4 Replies

9. Shell Programming and Scripting

Stack Trace

Hi All Thought it would be kind of fun to implement a stack trace for a shell script that calls functions within a sub shell. This is for bash under Linux and probably not portable - #! /bin/bash error_exit() { echo "=======================" echo $1 echo... (4 Replies)
Discussion started by: steadyonabix
4 Replies

10. AIX

Trace su to root

Hi, is it possible to trace everything about user that changes from its own user to root user, failed and successful attempts (I would need user and IP address of user that was trying to do that)? I tried adding auth.notice and auth.info in syslog.conf but it only tracks user withoud IP... (6 Replies)
Discussion started by: sprehodec
6 Replies

LEARN ABOUT SUSE

pam_nologin

PAM_NOLOGIN(8)							 Linux-PAM Manual						    PAM_NOLOGIN(8)

NAME

       pam_nologin - Prevent non-root users from login

SYNOPSIS

       pam_nologin.so [file=/path/nologin] [successok]

DESCRIPTION

       pam_nologin is a PAM module that prevents users from logging into the system when /etc/nologin exists. The contents of the /etc/nologin
       file are displayed to the user. The pam_nologin module has no effect on the root user's ability to log in.

OPTIONS

       file=/path/nologin
	   Use this file instead the default /etc/nologin.

       successok
	   Return PAM_SUCCESS if no file exists, the default is PAM_IGNORE.

MODULE TYPES PROVIDED

       The auth and acct module types are provided.

RETURN VALUES

       PAM_AUTH_ERR
	   The user is not root and /etc/nologin exists, so the user is not permitted to log in.

       PAM_BUF_ERR
	   Memory buffer error.

       PAM_IGNORE
	   This is the default return value.

       PAM_SUCCESS
	   Success: either the user is root or the /etc/nologin file does not exist.

       PAM_USER_UNKNOWN
	   User not known to the underlying authentication module.

EXAMPLES

       The suggested usage for /etc/pam.d/login is:

	   auth  required  pam_nologin.so

NOTES

       In order to make this module effective, all login methods should be secured by it. It should be used as a required method listed before any
       sufficient methods in order to get standard Unix nologin semantics. Note, the use of successok module argument causes the module to return
       PAM_SUCCESS and as such would break such a configuration - failing sufficient modules would lead to a successful login because the nologin
       module succeeded.

SEE ALSO

       nologin(5), pam.conf(5), pam.d(5), pam(8)

AUTHOR

       pam_nologin was written by Michael K. Johnson <johnsonm@redhat.com>.

Linux-PAM Manual						    04/01/2010							    PAM_NOLOGIN(8)
All times are GMT -4. The time now is 07:21 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy