AIX

Finger is available in AIX. If they are currently logged in mutliple times, you'll see multiple instances, in the output, and it will show where they are logged in from. This information is coming from (I'm pretty sure) the wtmp file, the file you read with 'last',
so 'last' will get you the same information, not only on current users, but on previous logins.

I get the feeling, however, this isn't really what you want either.

In Solaris, you can run inetd with a "-t" (trace) option. In AIX (I've never done this) there is a "-d" option which appears to be similar. Solaris's -t will log every single connection that is made to any port that inetd is listening to (logs to syslog). This would show you even attempts that are aborted (i.e. someone telnet's and then exits out of the telnet command before even attempting to login, etc.). This would log everything that goes through inetd, not just telnets and rlogins.

There isn't a good way, however, to connect the output of inetd's with other things like shell histories.

I suppose, alternatively, you could do a netstat periodically and save it to a file. It would be a mess to pick through. Typically, ports when they close go into a FIN_WAIT status for like 5 minutes, so every 5 minutes or so should work.

have you tried the "who" command? i think that should give you a list of who's logged in and from where. if you need a history of logged in users, that information is carried in /var/adm/wtmp.

wtmp, however, isn't a normal text file. to view the formatted data you can use (once again) the 'who' command. for example... "who /var/adm/wtmp". you may wanna pipe this to "more" since it can get quite long at times.

Hello men

Thank you for you Both : scatter Brain and Garry Garrett you are Masters
I wante to know more If you can send me more informations but in littele amount Thank you verry verry much men

Thank you

Good morning all

I want to know more from : var/adm/wtmp File, Informations wich it contents
, And way to exploit it

And more infomations

Thanks