Date: Fri, 8 Apr 2005 05:32:45 +0200 From: Anthony Atkielski <atkielski.anthony@wanadoo.fr> To: freebsd-questions@freebsd.org Subject: Re: How can I log every login via telnet? Message-ID: <856341966.20050408053245@wanadoo.fr> In-Reply-To: <16981.34396.918396.208453@szamoca.krvarr.bc.ca> References: <1492434941.20050407204225@wanadoo.fr> <16981.34396.918396.208453@szamoca.krvarr.bc.ca>
next in thread | previous in thread | raw e-mail | index | archive | help
Sandy Rutherford writes: > Check /var/log/auth.log. They should be logged there by default. Thanks, that's just what I was looking for. > You could also use tcpwrappers for better control over access and > logging. See /etc/hosts.allow and "man 5 hosts_options". I'd be mainly interested in restricting which user names can log on from the Net through telnet, rather than which IP addresses. Also, securing the traffic over the telnet session is unimportant (including passwords), because none of the telnet use would involve anything confidential. I mainly want to ensure that only a select handful of users can actually log in through telnet, and that those uses cannot escape to a shell by any means or otherwise stray outside the program that I want to run immediately upon login. I've tweaked my test program to eliminate possible buffer overflows on input and it has no facility for escaping to a shell, and it does virtually no file I/O and only to hard-coded paths, so hopefully it's not too much of a risk. -- Anthony
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?856341966.20050408053245>