HP3000-L Archives

March 1997, Week 3

HP3000-L@RAVEN.UTC.EDU
Options: Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
Re: Security / User Logging
From:
Jerry Fochtman <[log in to unmask]>
Reply To:
Jerry Fochtman <[log in to unmask]>
Date:
Thu, 20 Mar 1997 12:47:41 -0600
Content-Type:
text/plain
Parts/Attachments:
text/plain (84 lines) 
Michael,

Why couldn't you 'echo' the message to a file using pipes in the UDC?

file secure=security.<grp>.<acct>;acc=append
ECHO  !HPUSER.!HPACCOUNT at !HPTIME (msg text)  >> *secure



At 03:13 PM 3/20/97 GMT, you wrote:
>I apologize in advance for keeping all of the 'reply-to' text in the reply,
>but it needs to be there.
>You might want to read the marked text first to get a handle on what I'm
>talking about and come back up here.
>
>
>Although, reading the logging files, probably would give me what I need, I
>still have to wade through them everyday.
>Let me try to explain what I'm looking for a bit better.
>
>My security set up on these dedicated lines, (read the other bits below) is
>about as basic as it gets, but it is enough to deter the type of users we
>have.  The UDC attached to the group, checks the user sign-in against a
table.
> If the sign-in doesn't match what the table shows as valid for that
>line/port, it immediately aborts that session and lets them know it.  It also
>echoes a message to the console, but since we are such a small company, we
>don't monitor the console every minute, so a message like this normally
>scrolls away LONG after it's displayed.
>
>I know the variables I need: !HPUSER, !HPDATE, and !HPTIME.  When an invalid
>user tries to sign-in on any of the ports in question, it would be easier to
>track if these variables were written to a separate file before the
session is
>aborted.
>
>My question <whew>: Can this process be made part of the UDC?
>
>M.Hopper
>[log in to unmask]
>
>------------------------------------------------------------------------
>
>In article <[log in to unmask]>,
>   [log in to unmask] (Mike Paivinen) wrote:
>>Michael Hopper ([log in to unmask]) wrote:
>>: Without installing any new software, I need to be able to monitor
>>: a particular LDEV and log information about it.
>>: I already have a system in place that prevents unauthorized users
>>: from accessing the system through particular LDEVs.  (These devs
>>: corespond with satellite terminals that are in place at various
>>: points throughout our metro area, and access the system using 56k
>>: digital lines.)  But what I need now is a way to log the times
>>: when someone tries to access the system through any of these lines
>>: using an invalid sign-in.  Specifically, I need the date and time as well
>as
>>: the user name that was attempted, to be written to a file.
>>
>>DISCLAIMER:  I'm away from my desk at the moment and can't fully confirm
this
>>            answer.
>>
>>The LOGON system logging record, record 102(?), should provide all the
>>information you want.  It records failed logon attempts as well as
successful
>>logon attemps.  I'm not sure whether the log record gives you the invalid
>>user/account name attempted by the user.  [My memory says it does.]
>>Also, all invalid logon attempts are written to the console.  So, you
>>can get the same information from the console log records, 115.  The
>advantage
>>of the logon records is that you can search them by LDEV number.
>>
>>Mike P.
>>=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
>>Mike Paivinen
>>[log in to unmask]
>>
>>Hewlett-Packard
>>CSY - Mailstop 47UA
>>19447 Pruneridge Avenue
>>Cupertino, CA   95014
>
>

ATOM RSS1 RSS2