Learning about remote users
Stefan Loesch
stefan at yendor.phx.mcd.mot.com
Sat Mar 18 01:31:12 AEST 1989
I once did something to learn about possible "hackerattacks" on a SYS V
Rel2 (later Rel 3) machine. You can only do it that way if you have src.
SYS V lets you specifie ports which are "remote", and subsequently asks
users who try to login on such ports for an additional dialup password
you specified. We had several remote ports, modem and X.25.
What I did, was modifying login.c, so that whenever the code for the
dialup password was executed, login would write the following data to a
certain logfile:
username password dialuppassword time
It also would say, wether the try was "successful" or not.
I never found any breakin attempts, but as a side effect I could
easily tell why a remote uucp call failed (we had transatlantic
connection, so the lines were very bad mostly).
regards
stefan
More information about the Comp.unix.wizards
mailing list