From owner-freebsd-questions Sat Feb 26 8:43: 2 2000 Delivered-To: freebsd-questions@freebsd.org Received: from post.mail.nl.demon.net (post-11.mail.nl.demon.net [194.159.73.21]) by hub.freebsd.org (Postfix) with ESMTP id B9E4237BD64 for ; Sat, 26 Feb 2000 08:42:57 -0800 (PST) (envelope-from jr@paranoia.demon.nl) Received: from [212.238.106.171] (helo=pig.bigmama.xx) by post.mail.nl.demon.net with smtp (Exim 2.12 #1) id 12OkI3-000BGf-00; Sat, 26 Feb 2000 16:42:01 +0000 Received: from gazelle.bigmama.xx (gazelle.bigmama.xx [192.168.118.2]) by pig.bigmama.xx (8.9.3/8.8.8) with ESMTP id RAA03282; Sat, 26 Feb 2000 17:40:01 +0100 Received: from gazelle.bigmama.xx (localhost [127.0.0.1]) by gazelle.bigmama.xx (8.9.3/8.8.8) with ESMTP id RAA18823; Sat, 26 Feb 2000 17:38:55 +0100 (CET) Message-Id: <200002261638.RAA18823@gazelle.bigmama.xx> X-Mailer: Shotgun To: Nguyen Manh Tho Cc: FreeBSD Questions , nmtho@dit.hcmut.edu.vn Subject: Re: Could I use the dhcp.bind to query the machine accessing to my Server ? In-reply-to: <20000226095617.14167.qmail@web1604.mail.yahoo.com> X-Comment: Original message from Nguyen Manh Tho dated Sat, 26 Feb 2000 01:56:17 -0800. X-image-url: http://www.paranoia.demon.nl/jrsm.gif X-pgp-key: http://keys.pgp.com:11371/pks/lookup?op=get&search=0x9EF951A5 X-url: http://www.paranoia.demon.nl Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Sat, 26 Feb 2000 17:38:55 +0100 From: John Russell Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG If I understand your question, you want to know who accessed one of your machines on certain dates in the past through ftp, telnet or http. If this is not the question, then read no further. If it is your question, then for telnet and ftp, you can use the last command (last(1)). Something like "last | grep Dec" for instance. A thorough look at the logs located by default at /var/log will also show some more particulars. For the http side you only have the log files to look at. I'll let someone else answer the remaining questions about bind. John On Sat, 26 Feb 2000 01:56:17 -0800 Nguyen Manh Tho wrote the following about "Could I use the dhcp.bind to query the machine accessing to my Server ? " > Dear FreeBSD members, > > I need your helps in my problems and I am very > appreciated for all your reply. I am aslo sorry if it > make you trouble. > > Our University now have the Internet service system > for student accessing through some service such as > fpt, > http, telnet,... We need to inquire who had accessed > our system and now I have to write the program doing > this work. I am now looking for the solving way to do > this task. > > I have read the file dhcpdb.bind but I didn't > understand much. Is that file store informations of > the one who accessed to the host? > > An example of one line in that file is: > 1:0x00004c438911:192.168.1.0:1:0x00004c438911:"Thu Dec > 3 19:15:11 1998":0068 > > I have some question here: > > Is "1:0x00004c438911" the MAC address of the accessing > computer? > > Is "Thu Dec 3 19:15:11 1998" is the date and time of > accessing? > > And is "0068" the number of that computer which is > stored is the file dhcpdb.pool? > > But which computer has the IP address "192.168.1.0"? > Because I've found that all the lines in dhcpdb.bind > have the same one ("192.168.1.0"). What's is the real > IP address of the machine access ? > > Another question is what is the usage of the file > dhcpdb.bind? Is it the database that the DHCP Server > will use for leasesing IP automatically. > > Now our Univesity is very interested in the security > problem of our Internet system, could we use that > file to inquire who had accessed our system? > > Would you please help me or tell me where I could find > the answer? Now I couldn't have any detail document > about that. > > If anyone have other solving satisfy this task, please > let me know. > > I'm very sorry if my questions are so silly because > I'm very new in both UNIX and Free BSD. I'm using Free > BSD version 3.3. > > Nguyen Manh Tho. > ++++++++++++++++++++++++++++++++++++ > Engineer, Assistant Lecturer, Database Group, > Department of Information Technology, > Hochiminh City University of Technology, > Block A3, 268 Ly Thuong Kiet Street, Ward 12, > District 10, Hochiminh City, Vietnam. > Email: nmtho@dit.hcmut.edu.vn > URL: http://www.hcmut.edu.vn > ++++++++++++++++++++++++++++++++++++ > > > __________________________________________________ > Do You Yahoo!? > Talk to your friends online with Yahoo! Messenger. > http://im.yahoo.com > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message