Subject: | |
From: | |
Reply To: | |
Date: | Fri, 31 Oct 1997 14:11:18 -0500 |
Content-Type: | Text/Plain |
Parts/Attachments: |
|
|
In <01bce5ff$e747e100$c80106c0@ten> [log in to unmask] writes:
> > Issues and questions:
> >
> > On the HP3000 is it possible to send this trace to a message file or at >
> least a file on a user volume?
You can do what we do (which, if your machine is accessible via a network is
probably a good idea anyway!); we have an option logon UDC that does a TELLOP
to the console, reporting the NODE NAME and IP Address of the person logging
on (easily retrievable from the new system ci vars).
Now, whenever someone logs in via the network, since ldev#s are meaningless,
you have traceability.
BTW; Note to HP; this would probably be a REAL GOOD thing to add to the
default system logon messages anyway. A message that MGR.TELESUP logged
onto the system at 3AM on ldev #511 (i.e. a network connection) doesn't
help us track that down should it not REALLY be the HPRC working on our
system! ;-)
Another note; if you implement such a UDC, you might also want to do what
ours ALSO does: in addition to logging the IP/node name on the console it
also checks the user's logon vs allowed times and IP addresses/node names
to ensure that this logon is one that's allowed to come in over the network,
and for those users with static IP addresses, we can ensure that someone
can't use their logon from another device.
-Chris Bartram
|
|
|