Xenix dialin security
Keith Gabryelski
ag at portnoy.UUCP
Sat May 7 07:52:24 AEST 1988
! Email bounced !
In article <5153 at cup.portal.com> compata at cup.portal.com writes:
>Under VMS, I am able to set an alarm which will log all login attempts
>via a dial-in port. (I can also set many other types of alarms.) The
>alarm does not depend upon the caller being successful at logging-in;
>repeated bad attempts are also useful information. I would like to
>enable a similar facility for Xenix 386 2.2. Does anyone know how this
>can be done, or if it can be done?
Sco Xenix does not support any type of login `log'. The clean way
would be to hack /etc/login to log all login attemps. This would take
time and money.
An optional way (read "It works, but only sorta") would be to add code
to the /etc/cshrc and /etc/profile to log every time they are invoked.
/etc/cshrc is sourced every time a login csh is invoked. Likewise,
/etc/profile is sourced every time a login sh is invoked.
Sample code:
who am i >> /etc/login.log
(oh, yes... /etc/login.log should be world writeable)
This code will work for /etc/profile and /etc/cshrc.
Disadvantages:
o Not all login attemps are recorded. Only successful logins
are recorded.
o Only csh and sh logins are record. Users with
other login shells that do not source one of the above
files will not show up in the log. vsh (the visual shell)
and uucp transfer logins (/usr/lib/uucico/uucico) will not
be logged.
o Since (in the above example) the log file must be world writeable,
it could be deleted if a user knew about it and wanted to hide
his login. This could be taken care of by running a suid program
executed from /etc/profile or /etc/cshrc.
Hope this helps.
pax, Keith
--
[ Keith ] UUCP: {ucsd, cbosgd!crash, sdcsvax!crash, nosc!crash}!portnoy!ag
[Gabryelski] INET: ag at portnoy.cts.com ARPA: portnoy!ag at ucsd.arpa
More information about the Comp.unix.xenix
mailing list