Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Source IP not in my ftpd debug logs
Operating Systems AIX Source IP not in my ftpd debug logs Post 302907366 by kah00na on Friday 27th of June 2014 11:20:13 AM
Old 06-27-2014
Source IP not in my ftpd debug logs
I have random connections coming into my FTP server, but the source IP is not showing up in my logs. Here is what my logs look for me trying to connect as a "whatever" user that doesn't exist. You can see there is no source IP telling me where this connection came from:

Code:
Jun 27 10:13:40 hostname daemon:debug ftpd[7733374]: <--- 220
Jun 27 10:13:40 hostname daemon:debug ftpd[7733374]: hostname FTP server (Version 4.2 Mon Dec 3 12:04:40 CST 2012) ready.
Jun 27 10:13:48 hostname daemon:debug ftpd[7733374]: command: USER whatever^M
Jun 27 10:13:48 hostname daemon:debug ftpd[7733374]: <--- 331
Jun 27 10:13:48 hostname daemon:debug ftpd[7733374]: Password required for whatever.
Jun 27 10:13:56 hostname daemon:debug ftpd[7733374]: command: PASS
Jun 27 10:13:56 hostname daemon:debug ftpd[7733374]: <--- 530
Jun 27 10:13:56 hostname daemon:debug ftpd[7733374]: Login incorrect.
Jun 27 10:14:00 hostname daemon:debug ftpd[7733374]: command: QUIT^M
Jun 27 10:14:00 hostname daemon:debug ftpd[7733374]: <--- 221
Jun 27 10:14:00 hostname daemon:debug ftpd[7733374]: Goodbye.

Here's my ftp entry in the inetd.conf file:
Code:
hostname:/:$ grep ^ftp /etc/inetd.conf
ftp     stream  tcp6    nowait  root    /usr/sbin/ftpd  ftpd -u 002 -d

Here's my daemon.debug entry in my syslog.conf:
Code:
hostname:/:$ grep ^daemon.debug /etc/syslog.conf
daemon.debug    /var/log/syslogs/syslog.daemon.debug     rotate size 30m files 5  # maintain 5 files, 30M each

Is there something else I need to enable to get more detailed logs so I can see the source IP of where connections are coming from?
Last edited by kah00na; 06-27-2014 at 01:29 PM..
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

wu-ftpd question

ya i was wondering if there was anyone out there who could show me a good how to page on wu-ftpd ...im running RH 7.1 and i have the update of wu i just need to know how to use it and configure it so the users are limited to their dir and not the whole system .....any help will do ..thx (2 Replies)
Discussion started by: mista_king
2 Replies

2. UNIX for Advanced & Expert Users

ftpd message

hello, On my AIX server 4.3.3.0 the following message appears on the screen: ftpd :Failed dlopen :/usr/lib/libpag.a(shr.o):a file or directory in the path name does not exist. Please help, Thanks . (1 Reply)
Discussion started by: eyounes
1 Replies

3. Programming

How to debug C source file using GVD debugger

Anyone pls. help !!! I want to debug C source file using GVD debugger. However, I am unable to find the way to debug source files. Thanks in advance (2 Replies)
Discussion started by: argupta
2 Replies

4. Solaris

Turning in.ftpd on and off

For two straight days someone was running in.ftpd in my server (apparently looking to break in) and when I would do "top" almost every line would read "in.ftpd". I had a unix sysadmin friend of mine shut it down and then start it back up in a day and a half and all seems OK for now. Here's what I... (1 Reply)
Discussion started by: thomi39
1 Replies

5. UNIX Desktop Questions & Answers

how to check if a file ftpd to mainframe was actually ftpd

Hi All, I am ftping a file from unix to mainframe. Now the problem arises that i want to check if the file was ftpd or not. Is there any way i could do this? (4 Replies)
Discussion started by: vikas.rao11
4 Replies

6. Linux

wu-ftpd

Hello everyone! I looking for wu-ftpd latest rpm or sorce package. Anyone have idea where i can find? I need to install on Centos 5. please help. -thanks, :) (4 Replies)
Discussion started by: email-lalit
4 Replies

7. Programming

Compile and debug Vim source code

Hi, I want to debug Vim source code with GDB but I can't get it. It seems to run without debugger. Here is my try. I have supressed output of most commands. Tell me if you need them. $ uname -mor 2.6.37-ARCH i686 GNU/Linux $ mkdir ~/birei && cd ~/birei $ wget... (2 Replies)
Discussion started by: birei
2 Replies

8. Solaris

Ftpd alarms

Hi, I am facing following alarms in var/adm/messages after an interval of 10 mins. I dont know what the impact is and how can i fix it. Can anyone help please? Dec 4 07:50:03 hxcsvc-a01 ftpd: open_module: stat(/usr/lib/security/pam_unix_session.so.1) failed: No such file or directory Dec ... (4 Replies)
Discussion started by: sni_engineer
4 Replies

9. Shell Programming and Scripting

If I ran perl script again,old logs should move with today date and new logs should generate.

Appreciate help for the below issue. Im using below code.....I dont want to attach the logs when I ran the perl twice...I just want to take backup with today date and generate new logs...What I need to do for the below scirpt.............. 1)if logs exist it should move the logs with extention... (1 Reply)
Discussion started by: Sanjeev G
1 Replies

10. UNIX for Beginners Questions & Answers

Cd \bad-directory ; source junk.1 logs me off!

Dear Gentle Folk, I thought I knew unix/bash etc. The compound statement USING TCSH! cd /lkjsdf ; source junk.1 completes and then logs me off IF the cd directory does not exist. It works fine if the directory does exist. Why is this and how do I fix it. It doesn't matter what... (1 Reply)
Discussion started by: homerwsmith
1 Replies

LEARN ABOUT DEBIAN

redir

REDIR(1)						      General Commands Manual							  REDIR(1)

NAME

       redir - redirect tcp connections

SYNOPSIS

       redir  [--laddr=incoming.ip.address]  [--caddr=host] [--debug] [--syslog] [--name=str] [--timeout=n] [--bind_addr=my.other.ip.address] [--ftp=type]
       [--transproxy] [--connect=host:port] --lport=port --cport=port [--bufsize=n] [--max_bandwidth=n] [--random_wait=n] [--wait_in_out=n]
       redir --inetd [--caddr=host] [--debug] [--syslog] [--name=str] [--timeout=n] [--ftp=type] [--transproxy] [--connect=host:port] --cport=port
       [--bufsize=n] [--max_bandwidth=n] [--random_wait=n] [--wait_in_out=n]

DESCRIPTION

       Redir redirects tcp connections coming in to a local port to a specified address/port combination.

       It may be run either from inetd or as a standalone daemon.  Depending on how redir was compiled, not all options may be available.

OPTIONS

       --lport
	      Specifies port to listen for connections on (when not running from inetd)

       --laddr
	      IP address to bind to when listening for connections (when not running from inetd)

       --cport
	      Specifies port to connect to.

       --caddr
	      Specifies remote host to connect to. (localhost if omitted)

       --inetd
	      Run as a process started from inetd, with the connection passed as stdin and stdout on startup.

       --debug
	      Write debug output to stderr or syslog.

       --name Specify program name to be used for TCP wrapper checks and syslog logging.

       --timeout
	      Timeout and close the connection after n seconds of inactivity.

       --syslog
	      Log information to syslog.

       --bind_addr
	      Forces redir to pick a specific address/interface to bind to when it listens for incoming connections.

       --ftp  When  using  redir  for  an FTP server, this will cause redir to also redirect ftp connections.  Type should be specified as
	      either "port", "pasv", or "both", to specify what type of FTP connection to handle.  Note that --transproxy often makes  one
	      or the other (generally port) undesirable.

       --transproxy
	      On  a linux system with transparent proxying enabled, causes redir to make connections appear as if they had come from their
	      true origin.  (see /usr/share/doc/redir/transproxy.txt)

       --connect
	      Redirects connections through an HTTP proxy which supports the CONNECT command.  Specify the address and port of	the  proxy
	      using --caddr and --cport.  --connect requires the hostname and port which the HTTP proxy will be asked to connect to.

       --bufsize n
	      Set  the	bufsize (defaut 4096) in bytes. Can be used combined with --max_bandwidth or --random_wait to simulate a slow con-
	      nection.

       --max_bandwidth n
	      Reduce the bandwidth to be no more than n bits/sec.  The algorithme is basic, the goal is to simulate a slow connection,	so
	      there is no pic acceptance.

       --random_wait n
	      Wait  between  0	and  2	x  n  milliseconds before each "packet". A "packet" is a bloc of data read in one time by redir. A
	      "packet" size is always less than the bufsize (see also --bufsize).

       --wait_in_out n
	      Apply --max_bandwidth and --random_wait for input if n=1, output if n=2 and both if n=3.

SEE ALSO

       inetd(1)

								       local								  REDIR(1)
All times are GMT -4. The time now is 06:13 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy