Search results for query: *

Does anyone know of an IT inventory management application for Linux. Preferably the application would be open source and be able to track changes to PCs and Servers throughout an organization. Thanks for any input! Alex

Thanks for the reply. I sent an email to Cisco so I could get a definitive answer on the subject of serial numbers and the show version command. According to them the serial number is not always the same as the sh ver command and the best place to get it is from the sticker on the device...

Anyone know how to get a serial number of the PIX 515E V6.2 via the CLI. According to a colleague of mine the number given via the show version command is not the device's serial number but its processor board ID. Id hate to drive across town to get a number off the chassis. And I know this...

They should stay active on their own. Are other inetd services still working after telnet and ftp die? After you see you services die issue a 'netstat -na|grep 23' for grep for 21 and see if inetd indeed has these ports open. If it does not, then verify inetd is running.

Abubasim, I thank you. Your solution is the simplest and best for what I want to do. Using the /etc/security/user file I can deny rexec by user by simply listing the !REXEC in the tty= directive of the user's stanza. Now that is tidy! Thanks to all for your replies! Alex

Yes, I am attempting to be notified when an account is locked due to whatever reason. This need has come about because of dozens of scheduled tasks that use rtools to do important jobs. Unfortunately, the user used for those tasks is also a maintenance account used by staff and when it gets...

Thanks for your response DonDavis. However you must be running a different version of AIX than me (I am running AIX 4.3.3) because my syslog.conf:auth.debug setting does not produce all of those nice descriptive log entries. I do get 'BAD SU' and 'Failed login' but I dont get 'Account has been...

Anyone know of a way to have AIX 4.3 notify root or an email address if an account locks out? I was thinking of a script/cron/lsuser solution but that seems to lack elegance. Im open to any better ideas. Thanks. A.

For whoever is interested I ended up doing what mrn suggested. I wrote a Perl script that accepts the rexec compliant string passed to socket TCP/512. The Perl script then scrutinizes the string received by the client for user and execute information. If the calling user is not in a file held...

Do you mean a wrapper around rexecd? That would mean (i think) that I would alter inetd.conf to look at another file then pass control to rexecd if authorized? Is that correct? How would you pass control to rexecd? Is rexecd open source? Maybe I can look at the code to see what it expects.

I am not sure if rhosts is working for me. Even after I enter -<hostname> in the ~/.rhosts it still allows me to use Exceed to rexec from that windows client. It does restrict rsh however. Is this the expected behavior? I just cant seem to restrict rexec from my Windows exceed clients.

As you have probably guessed, I am attempting to tighten rexec access from remote hosts to my User servers. One of my policies is to deny remote logons of the root user via /etc/security/user via the rlogin = false directive. This works great for protocols suchas telnet and rlogin/xlogin but...

Thanks for the responses but my environment requires the use of rexec for the time being. The vendor who develops our system has not incorporated SSH into its code. Therefore discovering a way to restrict rexec by user would be the next best step. I am aware of security best practice but they...

Is there any way to restrict rexec access by user instead of host? I have used TCP wrappers to tighten down network access to the rexec daemon but what I really want is to restrict rexec by user.

Well that was easy. Thanks Rod.

is there anyway to get an interactive root shell with sudo? I want to restrict the root account to ttys = /dev/ltf0 only and allow only certain users to access a root interactive terminal remotely. Any ideas? Thanks.

Not exactly. Site is not that far. In any case the problem turned out to be the CSU/DSU modem. Telco ran some test a noticed the Modem was not behaving as expected. Replaced it and all is good. Thanks for your input burtsbees!!!

I have a 56k frame relay link at four sites. Currently only three of the sites work and the only difference I can find between the Cisco 2600xm configurations is the non-working site has a "no network-clock-participate wic 0" line enabled. The other working sites do not. Could this be causing...

Im pre 5.3 so I guess I am out of luck. Thanks for the reply.

Does the /var/adm/messages file give you any clue as to what is happening before the box dies? As far as your second bullet, you could write a script to output a sorted ps aux list every 5 seconds or so. This might give you an idea of what process is over-growing.