HOW DO YOU IDENTIFY WHAT DEVICE IS TELNETING
ITEM: RTA000036933
QUESTION:
Customer has a system that is on an ethernet. Users telnet into the
RISC System to invoke applications such as hcon. We need to
restrict the access to hcon based on the physical device coming in.
That is, only certain pcs will be able to invoke hcon.
(1) Do you know a way of identifying the pc that is telneting in, so
we can write a script to see if it is a qualified device?
(2) We thought of using the IP address to identify if the device
should have capability to run hcon. How do you capture the IP address?
"who" will not work, since a user can be logged onto several pcs at
the same time.
---------- ---------- ---------- --------- ---------- ----------
A: I will address your questions in the order presented.
1. The easiest way to determine the hostname of the machine from which
a user is telneted in is to parse out the hostname from the
'who' command. At the bottom of this item I have included a sample
script which shows the steps necessary for parsing out the correct
field in the who command. This script ensures that the correct
entry from the 'who' command is taken even if the user is logged in
from multiple locations.
The script first determines which tty is associated with the
current session. It then does the who command 'grep'ing out all
but the current session. It also greps for the username in the
rare event that the pts number (pseudo-tty number) is contained in
someone's username. If the user is not remotely logged in, it will
set the name to the output from the 'hostname' command.
2. Unfortunately, capturing the IP address without using the
information provided in the 'who' command is not at all feasible.
When a user telnets into a system, the telnetd daemon passes the
IP address of the user logging in to the login program
(/usr/bin/login). This is done with the '-h' flag. For example,
if a user from the machine 129.1.1.1 attempts a login, telnetd
will call /usr/bin/login with the flag '-h 129.1.1.1'. If the
login is successful, login will attempt to resolve the hostname of
129.1.1.1 and that information will be entered into the 'utmp'
file. It is not possible to capture this information from the
login program without rewriting the login program.
The who command simply formats the binary information in the 'utmp'
file and displays it to the screen. Other than the hostname as
entered in the 'utmp' file, there is no other way of determining
from what machine a user is logged in. Since the 'utmp' file
is in binary format, the who command is the normal way in which
scripts gain access to the information in that file.
Below I have included a script which uses the 'who' command to
determine the hostname from which a user is logged in. It is
intelligent in that if a user is logged in from multiple machines,
it will only look at the current session. Unfortunately, other
than this, there is no official way of obtaining the IP address or
hostname of the machine from which a user is remotely logged in.
Please note, the script below is provided as a sample script on how to
implement your goal. IBM in no way supports this script. AIX
Technical Support does not write scripts as a matter of general
policy.
This script will set the variable SESSION equal to the hostname of the
machine from which the current user is logged in. If the user is
logged in from the console, the session name will be set equal to the
hostname of the host machine.
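#!/bin/ksh
# Terminal of the current session without /dev/, e.g. pts/3
SESSION=`tty | cut -f3- -d/`
# who entry for this user on exactly this terminal (the trailing blank
# keeps pts/1 from matching pts/10)
ENTRY=`who | grep "^$USER " | grep " $SESSION "`
# The remote host is the text between the parentheses
SYSTEM=`echo "$ENTRY" | cut -f2 -d"(" | cut -f1 -d")"`
# No "(host)" field: cut returns the line unchanged, so this is a local login
if [ "$SYSTEM" = "$ENTRY" ]
then
SYSTEM="`hostname`"
fi
# Result: SYSTEM holds the host the current session came from
Character Legend:
` = Single Back Quote | = Pipe (vertical bar)
[ = Open square bracket ] = Close square bracket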
---------- ---------- ---------- --------- ---------- ----------
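The answer's approach carried through to the access check the question asks for, as an added example (not part of the original item and not IBM's code): it matches the user and terminal fields of `who` exactly, then compares the recorded host against an allowlist and fails closed. The function names, the allowlist and the sample `who` output are assumptions constructed for illustration; the host string is whatever login recorded in utmp, so the list must use that spelling.

```shell
#!/bin/sh
# Added example. The allowlist and the sample who output are constructed.

# Constructed sample of `who` output: alice has two telnet sessions and
# bob is on a local terminal (no "(host)" field).
SAMPLE_WHO='alice       pts/1       Jan 10 09:12     (pc17.example.com)
alice       pts/10      Jan 10 09:40     (pc99.example.com)
bob         lft0        Jan 10 08:01'

# Hypothetical allowlist, one host per line, spelled as `who` prints it.
HCON_ALLOWED='pc17.example.com
pc23.example.com'

# origin_for_tty WHO_OUTPUT USER TTY
# Prints the "(host)" value of the entry whose user and terminal fields match
# exactly; prints nothing for a local login or when no entry matches.
origin_for_tty() {
    printf '%s\n' "$1" | awk -v u="$2" -v t="$3" '
        $1 == u && $2 == t {
            if ($NF ~ /^\(.*\)$/) print substr($NF, 2, length($NF) - 2)
            exit
        }'
}

# host_allowed HOST ALLOWLIST: succeeds only on a whole-line, literal match,
# so "." is not a wildcard and a prefix of a listed name does not pass.
host_allowed() {
    [ -n "$1" ] && printf '%s\n' "$2" | grep -Fqx -- "$1"
}

# may_run_hcon WHO_OUTPUT USER TTY ALLOWLIST
# Fails closed: an unknown origin or an unlisted host returns non-zero.
may_run_hcon() {
    host=`origin_for_tty "$1" "$2" "$3"`
    host_allowed "$host" "$4"
}

# On a live system the caller would pass the real values, for example:
#   may_run_hcon "`who`" "$USER" "`tty | cut -f3- -d/`" "$HCON_ALLOWED" && exec hcon
```
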
This item was created from library item Q649079 CNJXW
Dated: 04/1996 Category: RISCTCP
This HTML file was generated 99/06/24~12:43:13