Need help showing which network protocol users use.


 
Thread Tools Search this Thread
# 1  
Need help showing which network protocol users use.

I'm having a bit of a trouble trying to figure out how to tell which network protocol users HAVE been logging in with. I know how to find this information for currently logged in users :
Code:
maximillian.gardner@syccuxfs01:~> who
joseph.blosser pts/0        2012-01-15 14:07 (198.107.160.185)
jamil.baghshi pts/1        2012-01-15 14:08 (c-76-115-1-185.hsd1.or.comcast.net)
trevor.medina pts/2        2012-01-15 14:27 (c-24-21-161-72.hsd1.or.comcast.net)
maximillian.gardner pts/5        2012-01-15 13:38 (c-24-21-154-91.hsd1.or.comcast.net)
kyle.lewis2 pts/6        2012-01-15 14:32 (static-50-53-15-43.bvtn.or.frontiernet.net)
matthew.balza pts/4        2012-01-15 14:19 (static-50-53-144-51.bvtn.or.frontiernet.net)
maximillian.gardner@syccuxfs01:~> ps -u joseph.blosser
  PID TTY          TIME CMD
25420 ?        00:00:00 sshd
25421 pts/0    00:00:00 bash
maximillian.gardner@syccuxfs01:~> ps -u trevor.medina
  PID TTY          TIME CMD
25912 ?        00:00:00 sshd
25913 pts/2    00:00:00 bash
maximillian.gardner@syccuxfs01:~> ps -u maximillian.gardner
  PID TTY          TIME CMD
24516 ?        00:00:00 sshd
24517 pts/5    00:00:00 bash
26215 pts/5    00:00:00 ps
maximillian.gardner@syccuxfs01:~> ps -u kyle.lewis2
  PID TTY          TIME CMD
26051 ?        00:00:00 sshd
26052 pts/6    00:00:00 bash
26119 pts/6    00:00:00 vimtutor
26126 pts/6    00:00:00 vim
maximillian.gardner@syccuxfs01:~> ps -u matthew.balza
  PID TTY          TIME CMD
25683 ?        00:00:00 sshd
25684 pts/4    00:00:00 bash
maximillian.gardner@syccuxfs01:~> netstat -t -u
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0    156 syccuxfs01.syi.pcc.:ssh static-50-53-15-4:49776 ESTABLISHED
tcp        0      0 syccuxfs01.syi.pc:57502 syccuxfs01.syi.pc:46725 ESTABLISHED
tcp        0      0 syccuxfs01.syi.pc:46725 syccuxfs01.syi.pc:57502 ESTABLISHED
tcp        0      0 syccuxfs01.syi.pcc.:ssh static-50-53-144-:61501 ESTABLISHED
tcp        0      0 syccuxfs01.syi.pc:44017 syccuxfs01.syi.pcc:8194 ESTABLISHED
tcp        0      0 syccuxfs01.syi.pc:46965 10.10.141.24:8194       ESTABLISHED
tcp        0      0 syccuxfs01.syi.pcc:8194 syccuxfs01.syi.pc:45644 ESTABLISHED
tcp        0      0 syccuxfs01.syi.pc:45644 syccuxfs01.syi.pcc:8194 ESTABLISHED
tcp        0      0 syccuxfs01.syi.pcc:8194 syccuxfs01.syi.pc:44017 ESTABLISHED
tcp        0    876 syccuxfs01.syi.pcc.:ssh c-24-21-154-91.h:labrat ESTABLISHED
tcp        0      0 syccuxfs01.syi.pcc.:ssh c-76-115-1-185.hs:52274 ESTABLISHED
tcp        0      0 syccuxfs01.syi.pcc.:ssh c-24-21-161-72.hs:50274 ESTABLISHED

But how do I find this information for users not currently logged in.

Any help appreciated.
~M.G
# 2  
try this command:
Code:
last

# 3  
Quote:
Originally Posted by askandstudy
try this command:
Code:
last

My question was not to display the past user logins.

My question is:
How can I tell which network protocol (SSH, telnet, etc) users who are not logged in have been using?

Thank you in advance.
~M.G
# 4  
You may be able to deduce from the device name in "last". Depends on your system.
# 5  
Lets suppose you want to find out who used a speicif tcp/ip protocol like ftp:

then invoke/run the following command:

#who /var/adm/wtmp |grep ftp

by this u will know who used/uses ftp and so on!

PS:I am using AIX 6.1 now.

Regards
Ahmed Amer
Cairo,Egypt
# 6  
Is there any way to do this from a restricted user standpoint or does this have to be ran in root? Here are my directory listings. No wtmp found.

Code:
maximillian.gardner@syccuxfs01:/> dir
total 31
-rw-------   1 root root    0 2007-08-29 08:21 aquota.group
-rw-------   1 root root    0 2007-08-29 08:21 aquota.user
drwxr-xr-x   2 root root 2912 2012-01-14 02:15 bin
drwxr-xr-x   3 root root  624 2011-11-23 11:31 boot
drwxr-xr-x  10 root root 7080 2012-01-14 11:24 dev
drwxr-xr-x  84 root root 8920 2012-01-16 10:46 etc
drwxr-xr-x  12 root root  344 2011-03-21 14:13 home
drwxr-xr-x  12 root root 4592 2012-01-14 02:15 lib
drwxr-xr-x   2 root root   48 2010-04-20 06:45 local
drwxr-xr-x   3 root root   72 2011-11-28 06:50 media
drwxr-xr-x   2 root root   48 2011-11-23 10:55 mnt
drwxr-xr-x   8 root root  184 2009-09-05 03:43 opt
dr-xr-xr-x 101 root root    0 2011-12-27 09:44 proc
drwx------  35 root root 2064 2012-01-12 09:31 root
drwxr-xr-x   4 root root 9240 2012-01-05 02:07 sbin
drwxr-xr-x   4 root root   96 2009-09-05 03:43 srv
drwxr-xr-x  11 root root    0 2011-12-27 09:44 sys
drwxrwxrwt  18 root root 4032 2012-01-16 11:43 tmp
drwxr-xr-x  16 root root  432 2011-12-06 02:11 usr
drwxr-xr-x  17 root root  416 2011-03-21 07:27 var
maximillian.gardner@syccuxfs01:/> cd var
maximillian.gardner@syccuxfs01:/var> dir
total 8
drwxr-xr-x  8 root  root   224 2009-09-05 03:43 adm
drwxr-xr-x 11 root  root   288 2009-09-05 03:43 cache
drwxrwxr-x  2 games games   48 2009-09-05 03:43 games
drwxr-xr-x 41 root  root  1136 2012-01-16 11:18 lib
drwxrwxr-t  5 root  uucp   120 2012-01-14 02:16 lock
drwxr-xr-x 11 root  root  6232 2012-01-15 11:15 log
lrwxrwxrwx  1 root  root    10 2011-03-21 07:27 mail -> spool/mail
drwxr-xr-x  4 root  root    96 2009-09-05 03:43 opt
drwxr-xr-x 17 root  root   952 2012-01-15 11:15 run
drwxr-xr-x 12 root  root   328 2011-03-21 07:27 spool
drwxrwxrwt  2 root  root    80 2012-01-16 11:18 tmp
drwx------  2 root  bin    264 2008-03-09 14:25 webmin
drwxr-xr-x  5 root  root   152 2011-03-21 07:27 X11R6
drwxr-xr-x  3 root  root   104 2007-07-18 08:31 yp
maximillian.gardner@syccuxfs01:/var> cd adm
maximillian.gardner@syccuxfs01:/var/adm> dir
total 7
drwx------ 7 root root  168 2011-03-18 04:01 autoinstall
drwx------ 4 root root   96 2011-03-18 07:04 backup
drwxr-xr-x 2 root root 5672 2012-01-01 02:21 fillup-templates
drwxr-xr-x 8 root root  240 2011-11-28 06:59 mount
drwxr-xr-x 2 root root  984 2011-10-07 02:20 perl-modules
drwxr-xr-x 4 root root  200 2011-05-13 10:12 SuSEconfig
maximillian.gardner@syccuxfs01:/var/adm>

~Thank you for the replies!
 

Previous Thread | Next Thread
Thread Tools Search this Thread
Search this Thread:
Advanced Search

Test Your Knowledge in Science: Mathematics
Difficulty: Medium
The Pythagorean theorem states that the square of the hypotenuse is equal to the product of the squares of the other two sides.
True or False?

7 More Discussions You Might Find Interesting

1. Solaris

Network interface showing wrong configuratoin

on both of my T2000 I am seeing same values of 100Mbps for e1000g0 ethernet port. i know all four ethernet ports on T2000 are gigabit ports so why is my first link showing as 100Mbps and how can i correct it? # dladm show-dev e1000g0 link: up speed: 100 Mbps ... (1 Reply)
Discussion started by: aliyesami
1 Replies

2. Red Hat

Showing all users in 'users' and 'top' commands

Hi All, I work in a multi user environment where my school uses Red Hat Linux server. When I issue commands such as "top" or "users", I get to see what others are doing and what kinds of applications they are running (even ps -aux will give such information). "users" will let me know who else is... (1 Reply)
Discussion started by: shoaibjameel123
1 Replies

3. Shell Programming and Scripting

want know about network protocol testing

Hi guys, i want to know about network protocol testing. 1. What is network protocol testing? 2. Whats the role of network protocol tester? 3. Is there good future scope in network protocol testing field? 4. Just give me a example of protocol testing. 5. How it relates to perl or unix? Thanks... (0 Replies)
Discussion started by: rangarasan
0 Replies

4. Shell Programming and Scripting

bash script for showing last users

Hi! I'm new in scripting and I need some help with one simple script. I have to write a program that shows in a predetermined period (using "last" command), to draw up a list of users who have used the machine during this period. Each user to indicate how many sessions it has been during this... (9 Replies)
Discussion started by: vassu
9 Replies

5. Shell Programming and Scripting

Showing offline users

Hi, Is there any command for showing offline users? The only way I can think of doing it (as i cant find a command) is getting a list of all the online users, and comparing it to /etc/passwd, anything that is in /etc/passwd and not in the users file will be offline users. But I have no... (4 Replies)
Discussion started by: mikejreading
4 Replies

6. OS X (Apple)

change network time protocol

by default, a mac syncs its time and date with time.apple.com (located system prefs->Date&Time). Is there a way in unix to change it to another address? my attempts to use ntpdate and ntpd have failed. (4 Replies)
Discussion started by: CBarraford
4 Replies

7. IP Networking

RH 9 and Network Time Protocol

I have a small program written in C using winsock v1, that uses a unix host to get the time. I have two machines networked, one windows, the other red hat 9. The windows machine will request the time off the RH one. How can I configure red hat to reply to the time request, i.e act as an... (1 Reply)
Discussion started by: jaredGalen
1 Replies

Featured Tech Videos