Log ssh and telnet connections
Hi guys,
if you want to log all ssh and telnet connections to your system, what entry do you put in /etc/syslog.conf file?
Thank you
Google is your friend:
http://www.unix.com/solaris/128310-logging-incoming-connections-solaris-10-a.html
Similar Messages
-
Logging inbound and outbound connections through my Linksys router
Hi There,
I have a Linksys wireless router (WRT54G series) that I use to connect to the internet with my cable modem. I would like to be able to configure my home network to log inbound and outbound connections through my router.
My router, which I bought brand new a couple of years ago, provides some very basic logging through its administration interface. I can view a current log of very recent (within the past couple of minutes) inbound and outbound connections/traffic. However, I would like to be able to configure my network to log all inbound and outbound traffic for at least 1 or 2 days and have this log saved somewhere so I can retrieve and review it at a more convenient time. I haven't been able to figure out how to do this with my current Linksys router and would like some help in configuring my system.
Is it possible for me to configure (perhaps with a firmware upgrade or even by replacing my older Linksys router with a newer one) my router to continuously log a day or more's worth of inbound and outbound connections? If this is possible, what changes do I need to implement? Does Linksys offer a wireless router that has more sophisticated logging capabilities? What is the longest log period that I can create with a Linksys router?
If it's not possible to create such a log with my router, then what other components would I need to log this information? I've thought about setting up a Linux server with two network cards installed to act as a gateway between my router and cable modem which will log traffic. Would this be a good strategy to implement logging?
Thanks in advance.
Tom
Message Edited by on 07-28-2007 07:44 AM
Message Edited by on 07-28-2007 07:50 AMwell...the router's in-built log will only provide basic information about the incoming/outgoing log . So, it will be a good idea to install a separate log viewer .....
-
Hi,
Sorry, I dont speak english very well. I want to create some program to check telnet connection. I base on old perl scripts "Telnet_Crack":
# CONNECTION.
sub connect {
print "\n\nATTEMPTING CONNECTION TO $HOST.";
$telnet = new Net::Telnet (Timeout => 5, Errmode => "return");
$telnet-> open("$HOST");
print "\n\nOK ... CONNECTED!!!\n\n";
# DO_IT.
sub do_it{
print "\nTRYING : USERNAME = $USER PASSWORD = $PASS";
&success if $telnet -> login($USER,$PASS);
$telnet -> close;
# SUCCESS.
sub success {
open (LOGFILE, ">>TELNET_CRACK") or die "\a\nERROR UNABLE TO OPEN TELNET_CRACK.\n $!";
print "\a\a\a";
print "\nUSERNAME: $USER has PASSWORD: $PASS on $HOST.\n\n\n\n\n";
print LOGFILE "\nUSERNAME: $USER has PASSWORD: $PASS on $HOST.\n\n";
close LOGFILE;
&quit;
But Telnet_Crack not working. Everything is ok in log:
Nov 9 14:07:07 jlug login[9086]: pam_unix(login:session): session opened for user us3r by (uid=0)
Nov 9 14:07:12 jlug xinetd[9004]: EXIT: telnet pid=9085 duration=6(sec)
Nov 9 14:07:12 jlug login[9086]: pam_unix(login:session): session closed for user us3r
But telnet_crack not execute success function. Maybe something is wrong with PAM? In gentoo Telnet_Crack work fine.. Of course, it's pretty good for users (dictionary attack doesnt work).
Maybe smb known, how i can check result from telnet login?use Net::Telnet;
$telnet = new Net::Telnet ( Timeout=>10);
$telnet->open('10.2.60.156');
$telnet->login('user', 'pass') and &ok;
$telnet->close;
sub ok {
print "Success\n";
return 0;
I get timed-out waiting for password prompt at test3.pl line 5. Anybody known what I must do? -
Database log switch and WLS connection pool relation
Hi,
We have been facing WLS JDBC connection pool disable and suspension issue very frequently in our environment and as a work around have implemented multi-datasource configuration (fail over method).
But we need to know the root cause for the same and want to fix the issue too.
We have tried many options like increasing no. of processes and transaction on Database, fine tune the weblogic datasource but still we could not isolate the issue.
Recently we have been advised to minimize the log switch on database front and increase the redo log size. Not sure if this will help in isolating the issue or not.
So we are Looking forward for the comments and suggestions on what would be the relationship b/w datasource and log switch be and if someone have faced this issue and resolved the same by fine tuning the database and minimizing the log switch.
We are using WLS 10.3.3.0
-Rohitturn on jdbc logging. The server log should be showing the troubles WLS is having
while testing connections and trying/failing to make replacement connections. -
ASR 5000 access list for ssh and telnet
Dears,
how can we apply an access list for telnet and ssh on asr 5k ?
please advise if this is feasible.
thx.Hello Joseph,
Sorry for the delay in response.
To control access to ASR5000 via telnet, other than configuring an ACL, there is a way to disable telnetd by configuring local context.
For example:
config
context local
no server telnetd
#exit
System Administration Guide of the relevant version will give you detailed information in this regard.
Here is the latest system admin guide (for SW version 17): http://www.cisco.com/c/dam/en/us/td/docs/wireless/asr_5000/17-0/PDF/17-ASR5000-Sys-Admin.pdf
You can find other guides here: http://www.cisco.com/c/en/us/support/wireless/asr-5000-series/products-installation-and-configuration-guides-list.html
Hope this helps..
Regards
Aneesh -
The Daily App -- "not logged in" and "cannot connect to itunes store"
Hello,
I subscribed to the Daily App for 1 year. It shows under my itunes subscription.
Two problems: When I log into the daily app, I get "Can't connect to itunes store" 2 or 3 times. I can just hit ok and they'll go away.
The second, and more annoying, is that when I do the crossword puzzle, I don't see anything on the leaderboard and at the bottom, below the puzzle, it says "not logged-in." But when I click the little settings thing, I am logged in. I'm able to comment on articles.
Any ideas?
I've rebooted, restored from backup, reinstalled the app.I have the same issue, I've tried the following and nothing has worked:
I am running the newest version of The Daily, iTunes version 10.2.1, Mac OS 10.6.7 on my MBA and iPad 4.3.1. I've deleted The Daily from both the iPad 2 and the Mac, rebooted both and reinstalled with no luck, it still gave me the same error message that it could not connect to iTunes. I then did a full restore with no luck. I just completed erasing everything on the iPad, deleted all of the iPad apps from my MBA and set up the iPad as a new iPad not using anything from my old setup, still no luck. I am still getting the same error message: "iTunes Error Cannot connect to iTunes".
When I go into account Information it does not recognize my email and password even though I reset it in iTunes. Everything else on the iPad works with that email and password including all the other paid apps I reinstalled trying to fix this issue.
PLEASE HELP -
How to enable logging of IMAP and SMTP connections in Mail
I have set up my own mail server and am able to send and receive mail. However, I would like to enable SSL security for connections from the client application to the mail server. I have created certificate authority, created a root certificate, and created an SSL certificate and key for the server. However, every time I connect, I get a warning message that the certificate is not valid - but the host names and domain names are correct in the certificate and match in the error message. It appears that there is some other problem with the certificate that is not reported in the dialog.
I would like to turn on logging in Mail.app to try to find out what is happening as the connection is made and TLS is enabled to find out why the certificate is being rejected. What options exist for logging SMTP and IMAP connections in mail? How can I find the logging options - should I look for strings in the binary or a resource file?You cannot log only those changes but you can log *all* changes.
The messages 111008 and 111010 are the ones to look for (as described in this post). -
Java API that implements the SSH, SFTP and Telnet protocols
Hi,
I'm looking for a Java API that implements the SSH, SFTP and Telnet protocols. Does anyone have a suggestion?
Any Suggestions are really appreciated ?
Thanks,
AvinI believe SSH and telnet are used for interactive command line sessions, don't know how you want to use them in a program.
-
SSH and media wiki not connecting from outside of my LAN
I cant seem to connect to ssh or my mediawiki server from outside of my LAN. Ive forwarded all the needed ports and been going over my config all night. I also made sure my router wasn't blocking anything.
-ssh tells me connection denied
-when i go to my http server i can list directorys but as soon as i try to load media wiki i get a 502 error
*these problems do not happen if im connecting from another machine in my local LAN
This is my sshd_config
# $OpenBSD: ssh_config,v 1.25 2009/02/17 01:28:32 djm Exp $
# This is the ssh client system-wide configuration file. See
# ssh_config(5) for more information. This file provides defaults for
# users, and the values can be changed in per-user configuration files
# or on the command line.
# Configuration data is parsed as follows:
# 1. command line options
# 2. user-specific file
# 3. system-wide file
# Any configuration value is only changed the first time it is set.
# Thus, host-specific definitions should be at the beginning of the
# configuration file, and defaults at the end.
# Site-wide defaults for some commonly used options. For a comprehensive
# list of available options, their meanings and defaults, please see the
# ssh_config(5) man page.
#Host *
# ForwardAgent no
# ForwardX11 yes
# RhostsRSAAuthentication no
# RSAAuthentication yes
# PasswordAuthentication yes
#HostbasedAuthentication yes
# GSSAPIAuthentication no
# GSSAPIDelegateCredentials no
# BatchMode no
# CheckHostIP yes
#AddressFamily any
# ConnectTimeout 0
# StrictHostKeyChecking ask
# IdentityFile ~/.ssh/identity
# IdentityFile ~/.ssh/id_rsa
# IdentityFile ~/.ssh/id_dsa
#Port 22
Protocol 2
# Cipher 3des
# Ciphers aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc
# MACs hmac-md5,hmac-sha1,[email protected],hmac-ripemd160
# EscapeChar ~
# Tunnel yes
# TunnelDevice any:any
# PermitLocalCommand no
# VisualHostKey no
#RSAAuthentication yes
#PubkeyAuthentication yes
#HostbasedAuthentication no
#PasswordAuthentication no
#HashKnownHosts yes
#StrictHostKeyChecking ask
#LoginGraceTime 120
#PermitRootLogin no # (put yes here if you want root login)
hosts.deny
# /etc/hosts.allow
sshd: ALL
mysqld: ALL
# End of file
# /etc/hosts.deny
ALL: ALL: DENY
# End of file
hosts.allow
# /etc/hosts.allow
sshd: ALL
mysqld: ALL
# End of file
I feel like its a security policy or something im not catching.
Ive been searching and working to fix this all night to no avail.
Thanks ahead of time for any help.djszapi wrote:
Hello ahronzombi!
Do you try it with apache web server ? If yes, is there any related information in the apache.log when someone try to connect from out. What's in your http server related config files, vhosts, etc?
Ill try that today. i tried something similar with sshd and looked at the verbose output of the program when trying to connect remotely. it was never touched, like no one tried to connect. i feel like its a network security issue since i can connect locally. but ill check these logs as well -
Hello to all,
I want develop an application to connect with remote system through of SSH or TELNET.
I hope somebody can help me
thank to allThere is one, quick and easy way to do this. Download Ant from ant.apache.org. Then go to Sourceforge and download JSch. Ant uses JSch for SSH. You can view their code and implement your own SSH client via JSch. The whole process took me 20 minutes.
- Saish -
Whenever I try to log in to my account or redeem gift cards, I get a message saying "Connection Manager Invoke Failed to find a service connection url". I changed my password, logged out and the same thing keeps happening. Does anyone have a solution for this?
Hello,
Try to go to the settings on your phone... Settings > Store > Click your Apple ID: And sign out from your account, then sign in again .... This solved the problem for me on my iPhone 4s -
Connection through of SSH or TELNET
Hello to all,
I want develop an application to connect with remote system through of SSH or TELNET.
I hope somebody can help me
thank to allhttp://forum.java.sun.com/thread.jspa?messageID=3328644�
-
Does anyone know what is this mean and how to fix this?
I checked the records and they are not being replicated, and the connection to the subscriber are not active for some reason; but I don't know how to fix it.
Thanks
Philly Database developerIt basically means that the replication agent has not logged a status message back to the replication subsystem.
Basically you can't stop it, and these messages let you know if the agent has hung.
However you can delay the time before the subsystem will report this message. Do this by the following query - this will delay this message to 10 minutes from the default of 5 minutes. I have set this to days when replicating over ISDN/Phone lines.
USE master
exec sp_changedistributor_property
@property = N'heartbeat_interval',
@value = 10;
GO
looking for a book on SQL Server 2008 Administration?
http://www.amazon.com/Microsoft-Server-2008-Management-Administration/dp/067233044X looking for a book on SQL Server 2008 Full-Text Search?
http://www.amazon.com/Pro-Full-Text-Search-Server-2008/dp/1430215941
after changes below query...USE master
exec sp_changedistributor_property
@property = N'heartbeat_interval',
@value = 10;
GO still not working... -
i am setting up an ipod touch for my daughter, created her an account, had it verified, but when I get to the section that reads 'connect to itunes' I plug it into the computer with her log in and nothing happens. HELP. I have been at this for 4 hours
Hello GJS6,
Thank you for the details of the issue you are experiencing when trying to connect your daughter's iPod touch to the computer. I recommend the following article:
iOS: Device not recognized in iTunes for Mac OS X
http://support.apple.com/kb/TS1591
Thank you for using Apple Support Communities.
Best,
Sheila M. -
i try to run photoshop and it says i cannot log in and to try later or make sure im connected to the internet which i am?...
If you are using someone else's WiFi they may have restrictions in place.
(cofee shop, etc..)
Have you tried connecting using at least more than one particular WiFi network ?
You might want to try googling for a bandwidth test site
verify you have reasonable throughput..
1 megabit up and 1 megabit down..
(bandwidthplace.com is what I typically use..)
Maybe you are looking for
-
My iMac is an early 2006 model running Snow Leopard 10.6.8 and cannot be up graded to Lion or Mountain Lion. I also am running iTunes 10.6.3 and cannot down load iTunes 7. Hardware Overview: Model Name: iMac Model Identifier:
-
Problem in setting Composite Instance Index in SOA 11G
In SOA 11G the setIndex() xpath function is not working . But It was working in 10G. If I use this setIndex function in BPEL Java Embedding , in audit trails the function is executed. But If I see the result by querying the DEV_SOAINFRA.COMPOSITE_INS
-
Data source availability from ecc6.0
Dear Experts A requirement came to us for ORDER BOOK DATA WITH QUANTITES Report . for SD MODULE in BI. BELOW ARE THE FIELDS GATHERED BY ME THAT SATISFIES THE REPORT. BUT MY ISSUE IS I COULD NOT FIND THE RIGHT DATA SOURCE THAT FULL FILL THE REQUIREM
-
Hello, I would like to know until which treatment speed we can work with Labview. I work with a FPGA at 19200 Hz (T=50us), and I don't know if I can receive and read all the datas I send. Thank you
-
It keeps telling to verify, which it have already done. At least it has told me it has