Top Document: SGI security Frequently Asked Questions (FAQ) Previous Document: -3- How can I configure IRIX to be more secure? Next Document: -5- How can I make an anonymous or restricted FTP account? See reader questions & answers on this topic! - Help others by sharing your knowledge - 'last', 'who', etc. get remote login information from /var/adm/utmpx and /var/adm/wtmp. That information is only logged into these files if they already exist. To create them, do 'touch /var/adm/utmpx /var/adm/wtmpx'. The analogous files under IRIX 4.0.x are /etc/xutmp and /etc/xwtmp. - If you're running IRIX 5.3, install patch 420 to fix a bug which causes xterm(1) to log logins incorrectly. - As described in the login(1) manpage, you can add the line 'syslog=all' to /etc/config/login.options (IRIX 4.0.x) or change the line 'SYSLOG=FAIL' in /etc/default/login to 'SYSLOG=ALL' (IRIX 5.x) to log all login attempts, not just successful ones, in /var/adm/SYSLOG. Under IRIX 5.x only, the same change in /etc/default/su has the same effect on 'su' attempts. - 'ftpd', 'rshd', 'tftpd' and 'fingerd' all have options ('-l' or '-L') which cause them to log all accesses. See their manpages. 'ftpd' also has '-ll' and '-lll' options (undocumented before IRIX 5.x) which log individual file transfers and the sizes of those files respectively. Add the options to the last fields (not the second-to-last) of the appropriate lines of /etc/inetd.conf, then do 'killall -HUP inetd' or reboot. - Consider using Wietse Venema's tcp_wrappers, at ftp://ftp.win.tue.nl/pub/security/. This allows you not only to log most types of connections, but to restrict connections from particular hosts and prevent some forms of address spoofing. README.IRIX in current versions of tcp_wrappers describes a number of ways in which it does not work well with IRIX, some of them serious. tcp_wrappers is still useful, but read README.IRIX carefully and test your configuration to be sure it's working. User Contributions:Top Document: SGI security Frequently Asked Questions (FAQ) Previous Document: -3- How can I configure IRIX to be more secure? Next Document: -5- How can I make an anonymous or restricted FTP account? Single Page [ Usenet FAQs | Web FAQs | Documents | RFC Index ] Send corrections/additions to the FAQ Maintainer: sgi-faq@viz.tamu.edu (The SGI FAQ group)
Last Update March 27 2014 @ 02:12 PM
|
Comment about this article, ask questions, or add new information about this topic: