How can you determine if a user is connecting via 'telnet' or 'ssh'? - Aix

This is a discussion on How can you determine if a user is connecting via 'telnet' or 'ssh'? - Aix ; Is there a way to determine when a user is logging in whether the user is using 'telnet' or 'ssh'? We want to limit access to telnet to certain fixed IP address which are local 'ethernet' terminals. I also would ...

+ Reply to Thread
Results 1 to 9 of 9

Thread: How can you determine if a user is connecting via 'telnet' or 'ssh'?

  1. How can you determine if a user is connecting via 'telnet' or 'ssh'?

    Is there a way to determine when a user is logging in whether the user
    is using 'telnet' or 'ssh'?

    We want to limit access to telnet to certain fixed IP address which are
    local 'ethernet' terminals.
    I also would like to keep my PROCOMM Plus software working.

    Thanks,

    Denny Watkins
    Morningside College

    Phone: 712-274-5250

    Email: watkins@morningside.edu


  2. Re: How can you determine if a user is connecting via 'telnet' or 'ssh'?

    Restrict access to port 23 to only those fixed IPs on the firewall, and
    block to all other IPs?


    mside wrote:
    > Is there a way to determine when a user is logging in whether the user
    > is using 'telnet' or 'ssh'?
    >
    > We want to limit access to telnet to certain fixed IP address which are
    > local 'ethernet' terminals.
    > I also would like to keep my PROCOMM Plus software working.
    >
    > Thanks,
    >
    > Denny Watkins
    > Morningside College
    >
    > Phone: 712-274-5250
    >
    > Email: watkins@morningside.edu



  3. Re: How can you determine if a user is connecting via 'telnet' or 'ssh'?

    Access can be limited by using IP filtering which will allow certain IP
    address to access the server while the rest would be restricted. PLS
    NOTE that extra care and good understanding of IP filtering is required
    while doing this as you might end up restricting all IPs and hence
    prevent logins for all.

    HTH

    mside wrote:
    > Is there a way to determine when a user is logging in whether the user
    > is using 'telnet' or 'ssh'?
    >
    > We want to limit access to telnet to certain fixed IP address which are
    > local 'ethernet' terminals.
    > I also would like to keep my PROCOMM Plus software working.
    >
    > Thanks,
    >
    > Denny Watkins
    > Morningside College
    >
    > Phone: 712-274-5250
    >
    > Email: watkins@morningside.edu



  4. Re: How can you determine if a user is connecting via 'telnet' or'ssh'?



    Telnet is easy to restrict. It runs from inetd. You can add a
    tcpwrapper to it to prevent unauthorized IP addresses from even reaching
    telnetd.

    Roy

    Ashok Sangra wrote:
    > Access can be limited by using IP filtering which will allow certain IP
    > address to access the server while the rest would be restricted. PLS
    > NOTE that extra care and good understanding of IP filtering is required
    > while doing this as you might end up restricting all IPs and hence
    > prevent logins for all.
    >
    > HTH
    >
    > mside wrote:
    >> Is there a way to determine when a user is logging in whether the user
    >> is using 'telnet' or 'ssh'?
    >>
    >> We want to limit access to telnet to certain fixed IP address which are
    >> local 'ethernet' terminals.
    >> I also would like to keep my PROCOMM Plus software working.
    >>
    >> Thanks,
    >>
    >> Denny Watkins
    >> Morningside College
    >>
    >> Phone: 712-274-5250
    >>
    >> Email: watkins@morningside.edu

    >


  5. Re: How can you determine if a user is connecting via 'telnet' or'ssh'?

    a ps will show as well. I think telnet and ssh each should show a PID
    for each session.

    mside wrote:
    > Is there a way to determine when a user is logging in whether the user
    > is using 'telnet' or 'ssh'?
    >
    > We want to limit access to telnet to certain fixed IP address which are
    > local 'ethernet' terminals.
    > I also would like to keep my PROCOMM Plus software working.
    >
    > Thanks,
    >
    > Denny Watkins
    > Morningside College
    >
    > Phone: 712-274-5250
    >
    > Email: watkins@morningside.edu
    >


  6. Re: How can you determine if a user is connecting via 'telnet' or 'ssh'?

    >>> We want to limit access to telnet to certain fixed IP address which are
    >>> local 'ethernet' terminals.


    tcp wrappers can accomplish this .. google for it ..

    HTH
    Mark Taylor


  7. Re: How can you determine if a user is connecting via 'telnet' or 'ssh'?

    Aixers,

    Thank you for the many good suggestion on how to
    limit access to telnet to certain fixed IP address.

    We are currently running AIX 5.3.

    tcp_wrapper 7.6.1.0 is available from a few sites like

    www.bullfreeware.com and
    ftp://ftp.porcupine.org/pub/security/index.html

    Is this the latest version and can I install it on AIX 5.3?

    Thanks Again

    Denny Watkins


  8. Re: How can you determine if a user is connecting via 'telnet' or 'ssh'?

    mside wrote:
    m> Aixers,
    m>
    m> Thank you for the many good suggestion on how to
    m> limit access to telnet to certain fixed IP address.
    m>
    m> We are currently running AIX 5.3.
    m>
    m> tcp_wrapper 7.6.1.0 is available from a few sites like
    m>
    m> www.bullfreeware.com and
    m> ftp://ftp.porcupine.org/pub/security/index.html
    m>
    m> Is this the latest version and can I install it on AIX 5.3?
    m>
    m> Thanks Again
    m>
    m> Denny Watkins

    Yep, good things don't need to change a lot...

    Just as a side note, the source compiles fine on 5.3 and if you want to
    control ssh access as well, you need to roll your own sshd w/ libwrap.a.

    I use it on 5.3 to curb pesky brute force ssh probes. Works like a champ!

  9. Re: How can you determine if a user is connecting via 'telnet' or 'ssh'?

    In article ,
    Bela wrote:

    > mside wrote:
    > m> Aixers,
    > m>
    > m> Thank you for the many good suggestion on how to
    > m> limit access to telnet to certain fixed IP address.
    > m>
    > m> We are currently running AIX 5.3.
    > m>
    > m> tcp_wrapper 7.6.1.0 is available from a few sites like
    > m>
    > m> www.bullfreeware.com and
    > m> ftp://ftp.porcupine.org/pub/security/index.html
    > m>
    > m> Is this the latest version and can I install it on AIX 5.3?
    > m>
    > m> Thanks Again
    > m>
    > m> Denny Watkins
    >
    > Yep, good things don't need to change a lot...
    >
    > Just as a side note, the source compiles fine on 5.3 and if you want to
    > control ssh access as well, you need to roll your own sshd w/ libwrap.a.
    >
    > I use it on 5.3 to curb pesky brute force ssh probes. Works like a champ!


    You can also type 'whodo' at the prompt. It shows how the connection was
    made and what the user is doing.

+ Reply to Thread