I have run telnet from a Windows PC to Solaris 2.7 - Solaris 9 workstations... In all cases, the who command indicates the username, terminal number, time stamp and machine name. Are the users telnet in to a generic account?
If the IP is not reversible, then it prints the ip. If you have setup DDNS correctly, this should return the user's machine name. It appears that your DNS is not resolving
the reverse correctly.
Thanks for helps.
I want to give an example for my question?
User login to his Windows PC with a username like "john" on a network.
Then telnet to a Solaris server with a username "root".
So how can I get the name "john"? Is it possible?
I configure my DNS setups for getting machine names.It is ok. And my Solaris server known by the DNS server on the network.
I can understand your problem... My question is why do you allow root to telnet into your sunbox... This would be considered a security problem in a lot of places... There is a setting in file /etc/default/login. Entry CONSOLE should be set to CONSOLE=/dev/console... This forces root to login via a console and would stop the root login via the telnet service.
As explained, you need to force users to login as themselves and su or sudo.
I guess in the old days, it would suffice to figure out from what IP/computer the user used, look at the logs on that computer and figure out who was on when access was made. With Remote Desktop Connection and PC anywhere,etc., the trail might be harder to follow.
This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
By continuing to use this site, you are consenting to our use of cookies.