Information about telnet sessions

(Traditional format)

Mon Dec 20 17:36:44 2004 Information about telnet sessions
Posted by Tony Lawrence
Search Keys: shell

Recently, I was asked this:


Hate these ads?

Is there a way to identify which telnet session corresponds to which ptty? I would like to know the remote ip address and the ptty of each telnet session

On Linux and BSD systems, "w" shows both where logins came from and what tty they use. For SCO Unix, you need to use "w -x".

If you need to distinguish ssh from telnet, see How can I tell if a user logged in locally, used rlogin, telnet or ssh?

For even more information, "lsof" can tell you what is really going on. You might start with "lsof -i:23", or if you already know the process id's, go directly to "lsof -p xxxx" (xxxx being a PID you want to examine).



Comments /Blog/B1205.html
CommentsBlog1205 :

---December 21, 2004

lsof is one of the most useful commands when trying to figure out what is going on in any *nix system. I have only used it with SCO, and Linux, but I am sure that Solaris, HP-UX, AIX, and the others have similar uses for lsof.

Here are some of the links I have used to learn the usefulness of lsof in the past:

http://www.akadia.com/services/lsof_intro.html

http://techrepublic.com.com/5100-6261-1049412.html

It can also be used for forensic analysis, should your system become comprimised. Of course, some Trojan Horses replace lsof with a trojaned one, that hides processes running by the trojan, so always be sure to install a fresh copy of lsof from a trusted source or backup, before you begin your forensic traces.

http://www.securityfocus.com/infocus/1773



--BruceGarlock

---December 21, 2004



Add your comments

Enter your email address for automatic notification of new posts here
(be sure to whitelist 'feedburner.com' if you use spam filtering)

Or use any RSS reader

Delivered by FeedBurner

Views for this page
Today This Week This Month This Year  Overall
1525243 1,889

Have you tried Searching this site?

Unix/Linux/Mac OS X support by phone, email or on-site: Support Rates

This is a Unix/Linux resource website. It contains technical articles about Unix, Linux and general computing related subjects, opinion, news, help files, how-to's, tutorials and more. We appreciate comments and article submissions.

Publishing your articles here

pavatar.jpg
More:
       - Administration
       - Modems/Terminals
       - Shell
       - Blog




Unix/Linux Consultants

Your ad here - $24.00 yearly!

larryi@ccamedical.com SCO OS5, Debian Linux, RedHat Linux, MySQL, Apache, AJAX development using dXport/dL4/Unibasic, Windows Connectivity, Sharing Resouces, Automation, Shell Scripting


http://www.cleverminds.net Need expert advice? Want a second opinion? CleverMinds is a one-stop-shop for a wide range of technology solutions. We support Unix, Linux, SCO as well as CMS, ecom, blogs, podcasts, search engines consulting and more. Contact us at web2.0@cleverminds.net 0r (617) 894-1282


http://www.m3ipinc.com Security, firewalls, ids, audits, vulnerability assesments, BS7799, HIPAA, GLB, incident handling








Change Congress

Related Posts

Publish your articles, comments, book reviews or opinions here!