Xenix dialin security
Clemens Schrimpe
csch at tmpmbx.UUCP
Mon May 9 09:12:19 AEST 1988
ag at portnoy.UUCP (Keith Gabryelski) writes:
{} Sco Xenix does not support any type of login `log'. The clean way
{} would be to hack /etc/login to log all login attemps. This would take
{} time and money.
{}
{} An optional way (read "It works, but only sorta") would be to add code
{} to the /etc/cshrc and /etc/profile to log every time they are invoked.
{} /etc/cshrc is sourced every time a login csh is invoked. Likewise,
{} /etc/profile is sourced every time a login sh is invoked.
Since this will only log SUCCESSFUL logins, you may also have a deeper
look into /etc/wtmp, which does the same - and quite correct.
(Even logs uucico's and otherm stuff, since it's written by getty, login and
init !!!)
A way to also trace fail-logins could ONLY be achieved, by installing a new
login.
In our company we use a login, which features:
- Logging of fail-logins
- Restriction of logins depending on the port being used
and the time. (You may reserve ports for either a list
of users and/or a list of groups ...)
- Limitation of online-time per day.
- .hushlogin (quick login without showing /etc/mot[dw] and
other stuff (last login time etc.) - good for uucp logins)
... plus other fancy stuff :-)
We're currently thinking about selling it, since others do so (have a look
into the THIRD PARTIES PRODUCT DIRECTORY from SCO ...)
If we're NOT going to sell it, I'll post it ...
Clemens Schrimpe, netmbx GbR (Berlin, West-Germany)
UUCP: csch at tmpmbx {pyramid|unido}!tmpmbx!csch
BITNET: csch at db0tui6.BITNET csch at tub.BITNET
TELEX: D+186672 net d
FAX: 49303614093
PHONE: +49-30-332 40 15
More information about the Comp.unix.xenix
mailing list