Hi,
I am working with RedHat Linux 7.1
I am trying to find a way to have the IP address of a connecting system reported in issue.net, at the telnet login. I am trying to get the IP to show up before the user logs in.
I have worked this several ways. There appears to be 2 ways to obtain the IP when a connection attempt is made. Either from /var/log/secure ( which is full of other info and contains other connection attempts to other services) , OR to obtain the info from the running process in.telnetd
The way I see it, when a user tries to Telnet to my box, in.telnetd is started, and I can do a ps -ef |grep to see the process and the IP address. Further I can then do awk '{print $9}' to get the IP address. So what I tried looks like this....
ps -ef |grep in.telnetd |awk '{print &9}'
I know thats most likely a long way to do it and may be the wrong way, (Forgive me I yet to finish my studies on awk), I figure I can get help on the awk stuff in the awk forum.
My other issue is that even though I have this info, I know I can write it out to issue.net, but I think issue.net is only read once when telnet starts. I am sure I could write a script to check for in.telnetd in real time, but I am also sure that would tie a lot of resources
Any suggestions would be great. If there if there happens to be a utility to do this, that would be cool too.
I am working with RedHat Linux 7.1
I am trying to find a way to have the IP address of a connecting system reported in issue.net, at the telnet login. I am trying to get the IP to show up before the user logs in.
I have worked this several ways. There appears to be 2 ways to obtain the IP when a connection attempt is made. Either from /var/log/secure ( which is full of other info and contains other connection attempts to other services) , OR to obtain the info from the running process in.telnetd
The way I see it, when a user tries to Telnet to my box, in.telnetd is started, and I can do a ps -ef |grep to see the process and the IP address. Further I can then do awk '{print $9}' to get the IP address. So what I tried looks like this....
ps -ef |grep in.telnetd |awk '{print &9}'
I know thats most likely a long way to do it and may be the wrong way, (Forgive me I yet to finish my studies on awk), I figure I can get help on the awk stuff in the awk forum.
My other issue is that even though I have this info, I know I can write it out to issue.net, but I think issue.net is only read once when telnet starts. I am sure I could write a script to check for in.telnetd in real time, but I am also sure that would tie a lot of resources
Any suggestions would be great. If there if there happens to be a utility to do this, that would be cool too.