Date: Thu, 23 Apr 1998 00:13:30 GMT From: mike@sentex.net (Mike Tancsa) To: anthony@sohopros.com Cc: questions@FreeBSD.ORG Subject: Re: monitoring logins? Message-ID: <353e8679.862651777@mail.sentex.net> In-Reply-To: <3.0.32.19980421222843.00807e80@pop.flash.net> References: <3.0.32.19980421222843.00807e80@pop.flash.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 21 Apr 1998 22:28:46 -0500, in sentex.lists.freebsd.questions you wrote: >What is the best way to monitor who is logging into my system? >One of my users has been telneting to my system from a >university and is concerned that some students my be using >packet sniffers. I have tcp wrappers installed so I should >be some what protected, wright? tcp_wrappers allows for a nice way to resitrict access and also enforce things like hostname to address matches. If the user is logging in from a workstation, get them to install an SSH client on their end, and install sshd on your end to provide point to point encryption. In general, if your system is such that your users will come in from known sources, deny access to all, and grant access to specific hosts/locations. You can do this through tcp_wrappers. Also, keep an eye on your logs for any unusual patterns. e.g. if user X always logs in from site.somewhere.com, and all of a sudden starts logging in from some AOL dialup account.... ---Mike To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?353e8679.862651777>