By default, the solaris inetd
deamon does not log the IP address of the machines that are connecting
to Solaris Server. To enable the logging of all the IP addresses of
machines connecting to the server and the connection time, the following
script can be used.
1. cd /etc/init.d
2. vi inetsvc
3. Change the last line in the file, ie
/usr/sbin/inetd -s &
to /usr/sbin/inetd -s -t &
4. Stop and Start that script
./inetsvc stop
./inetsvc start
5. vi /etc/syslog.conf
6 . Add the following line
deamon.notice /var/adm/name_of_log_file ( the two fields should be seperated by tabs )
7. touch /var/adm/name_of_log_file
8. kill -HUP syslogd
After these changes, all connections started through the inetd deamon such as Telnet and FTP will be logged to the new file created.
This is also very useful for auditing purposes with NTP protocol enabled. This gives a consistent time throughout the enterprise and accountability can be implemented in the organization.
1. cd /etc/init.d
2. vi inetsvc
3. Change the last line in the file, ie
/usr/sbin/inetd -s &
to /usr/sbin/inetd -s -t &
4. Stop and Start that script
./inetsvc stop
./inetsvc start
5. vi /etc/syslog.conf
6 . Add the following line
deamon.notice /var/adm/name_of_log_file ( the two fields should be seperated by tabs )
7. touch /var/adm/name_of_log_file
8. kill -HUP syslogd
After these changes, all connections started through the inetd deamon such as Telnet and FTP will be logged to the new file created.
This is also very useful for auditing purposes with NTP protocol enabled. This gives a consistent time throughout the enterprise and accountability can be implemented in the organization.
Tidak ada komentar:
Posting Komentar