Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Help Required: Command to find IP address and command executed of a user
Special Forums Cybersecurity Help Required: Command to find IP address and command executed of a user Post 302222408 by redoubtable on Wednesday 6th of August 2008 08:12:48 PM
Old 08-06-2008
Like era said, accouting will do the job, but it will only give you the commands executed by a given user, not the IP address he/she used to enter your machine.

For something really accurate you could use grsecurity's patches which specially create a proc entry with the ip address of the user who created a given process.

Not sure if selinux would help you with this.

RSBAC also gives you IP information in its logs.
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

how to find the exit status for the last executed command

I am executing a find command in my script i.e find $2 -type f -name '*.gif' -mtime +$1 -exec rm {} \; how do i check that this command is executed properly.. i would lke t trap the errror and display my error message kinly help.. this is an urgent issue. (1 Reply)
Discussion started by: vijay.amirthraj
1 Replies

2. UNIX for Dummies Questions & Answers

Is there a unix command to find ALL hostnames for an ip address?

I am trying to determine if there are several url/host names for an IP address. Is there a UNIX command to find ALL host names for an IP address? Thank you in advance. (3 Replies)
Discussion started by: rukasu
3 Replies

3. Shell Programming and Scripting

Need help! command working ok when executed in command line, but fails when run inside a script!

Hi everyone, when executing this command in unix: echo "WM7 Fatal Alerts:", $(cat query1.txt) > a.csvIt works fine, but running this command in a shell script gives an error saying that there's a syntax error. here is content of my script: tdbsrvr$ vi hc.sh "hc.sh" 22 lines, 509... (4 Replies)
Discussion started by: 4dirk1
4 Replies

4. Shell Programming and Scripting

System Command dies even when command gets executed successfully

Hi I have created a perl script & running it using Linux machine. I want my script to die when system command is unsuccessful but script is dying even when system command gets executed successfully. :wall: I am using the command below :- system($cmd) || die "FAILED $!"; print "Hello"; ... (2 Replies)
Discussion started by: Priyanka Gupta
2 Replies

5. AIX

How to find the log for executed command in IBM AIX?

In Unix If we executed any command where will generate the particluar log related to command in Unix. (4 Replies)
Discussion started by: victory
4 Replies

6. Shell Programming and Scripting

Need to echo command successful if command is executed successfully

Hello, I have written a command n shell script : srvctl relocate service -d t1 -s s1 -i i1 -t t1 -f If the above command executes successfully without error I need to echo "Service relocated successfully and If it errors out I need to trap the errors in a file and also need to make... (1 Reply)
Discussion started by: Vishal_dba
1 Replies

7. UNIX for Dummies Questions & Answers

Set Command to output a log of every command executed in the script

Hi Guys, I like to output every command executed in the script to a file. I have tried set -x which does the same. But it is not giving the logs of the child script which is being called from my script. Is there any parameters in the Set command or someother way where i can see the log... (2 Replies)
Discussion started by: mac4rfree
2 Replies

8. SuSE

Find command doesn't pipe the output as required.

Hi, I am using below code snippet to echo/display the files found (matching a pattern from searchstring.out file) and the corresponding owner. while read j do echo "Pattern to search is:- $j" find / -name "*$j*" |\ while read k do echo "File found is:- $k" owner=$(ls... (9 Replies)
Discussion started by: Vipin Batra
9 Replies

9. UNIX for Beginners Questions & Answers

Find Original user who executed the command

Hi Team, Please help me with the below question. SunOS 5.10 Shell: -bash I am trying to find the original user who executed a command on my development server. In my dev server users login using their personal id and sudo to a common id using 'sudo -u commonid -i'. Once logged in as... (6 Replies)
Discussion started by: sam99
6 Replies

10. UNIX for Beginners Questions & Answers

Find heartbeat ip address with cllsif command

hi~~ my Os is 6.1 i want to find heartbeat ip address from below result. i think, is it en7 onto both nodes? /usr/es/sbin/cluster/utilities/cllsif Adapter Type Network Net Type Attribute Node IP Address Hardware Address Interface Name Global Name ... (2 Replies)
Discussion started by: tomato00
2 Replies

LEARN ABOUT LINUX

newtask

newtask(1)                                                         User Commands                                                        newtask(1)

NAME

       newtask - create new task and optionally change project

SYNOPSIS

       newtask [-p project] [-v] [-c pid | [-Fl]  [command...]]

DESCRIPTION

       The newtask command executes the user's default shell or a specified command, placing the executed command in a new task owned by the spec-
       ified project. The user's default shell is the one specified in the passwd database, and is determined using getpwnam().

       Alternatively, newtask can be used to cause an already running process to enter a newly created task. A project for the new task  can  also
       be  specified in this form of the command. This might be desirable for processes that are mission critical and cannot be restarted in order
       to put them into a new project.

       In the case that extended accounting is active, the newtask command can additionally cause the creation of a task accounting record marking
       the completion of the preceding system task.

OPTIONS

       The following options are supported:

       -c pid   Cause  a  running process to enter a newly created task. A project for the new task can also be specified using the -p option. The
                invoking user must either own the process or have super-user privileges.

                If the project is being changed, the process owner must be a member of the specified project,  or  the  invoking  user  must  have
                super-user  privileges. When the project is changed for a running process, its pool binding as well as resource controls are modi-
                fied to match the configuration of the new project. Controls not explicitly specified in the project entry is preserved.

                This option is incompatible with the -F and -l options.

       -F       Creates a finalized task, within which further newtask or settaskid(2) invocations would fail. Finalized tasks can  be  useful  at
                some sites for simplifying the attribution of resource consumption.

       -l       Changes the environment to what would be expected if the user actually logged in again as a member of the new project.

       -p       Changes the project ID of the new task to that associated with the given project name. The invoking user must be a valid member of
                the requested project, or must have super-user privileges, for the command to succeed. If no project name is  specified,  the  new
                task is started in the invoking user's current project.

       -v       Verbose: displays the system task id as the new system task is begun.

OPERANDS

       The following operands are supported:

       project         The  project  to  which  resource usage by the created task should be charged. The requested project must be defined in the
                       project databases defined in nsswitch.conf(4).

       command         The command to be executed as the new task. If no command is given, the user's login shell is invoked. (If the login  shell
                       is not available, /bin/sh is invoked.)

EXAMPLES

       Example 1: Creating a New Shell

       The following example creates a new shell in the canada project, displaying the task id:

       example$ id -p
       uid=565(gh) gid=10(staff) projid=10(default)
       example$ newtask -v -p canada
       38
       example$ id -p
       uid=565(gh) gid=10(staff) projid=82(canada)

       Example 2: Running the date Command

       The following example runs the date command in the russia project:

       example$ newtask -p russia date
       Tue Aug 31 11:12:10 PDT 1999

       Example 3: Changing the Project of an Existing Process

       The following example changes the project of the existing process with a pid of 9999 to russia:

       example$ newtask -c 9999 -p russia

EXIT STATUS

       The following exit values are returned:

       0        Successful execution.

       1        A fatal error occurred during execution.

       2        Invalid command line options were specified.

FILES

       /etc/project    Local database containing valid project definitions for this machine.

       /proc/pid/*     Process information and control files.

ATTRIBUTES

       See attributes(5) for a description of the following attributes:

       +-----------------------------+-----------------------------+
       |      ATTRIBUTE TYPE         |      ATTRIBUTE VALUE        |
       +-----------------------------+-----------------------------+
       |Availability                 |SUNWcsu                      |
       +-----------------------------+-----------------------------+

SEE ALSO

       proc(1),   id(1M),   poolbind(1M),  execvp(2),  setrctl(2),  settaskid(2),  setproject(3PROJECT),  nsswitch.conf(4),  proc(4),  project(4),
       attributes(5)

SunOS 5.10                                                          17 Nov 2004                                                         newtask(1)
All times are GMT -4. The time now is 06:28 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy