[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: almost motd

To: Christian Weisgerber <naddy@mips.inka.de>
Subject: Re: almost motd
From: packet ninja <emory@incumbent.org>
Date: Sat, 2 Dec 2000 14:12:47 -0500 (EST)
Cc: <misc@openbsd.org>

On Fri, 1 Dec 2000, Christian Weisgerber wrote:

//> I'm trying to find the file that prints the
//> first line on a console just before the login
//> prompt (ie OpenBSD/i386 compname (ttyCx).
//
//No dedicated file.  You are looking for the "im" capability in
//gettytab(5).

or s/he can use tcpd's functionality to not only give a "warning" but a
fancy one!  and log the request rather nicely.

banners and spawn are what you'd possibly want to use.

on some of our hosts we have something like:

ftpd: ALL : spawn /usr/local/libexec/conlog %u %h %d >>
/var/log/foreign-connects: banners : ALLOW

in /etc/hosts.allow.  in /etc/banners we keep various files for things
like:

220-
220-    .oO hellyeah Oo.
220-
220-    go away, %u@%h.
220-
220-    By using %d on this machine, you consent to monitoring,
220-    logging, and investigation of your machine by the people
220-    who maintain this site.
220-
220-    Do not be naughty.  And if you are a valid user here,
220-    you have nothing to worry about, do you?
220-
220-                                    - staff of hellyeah! networks
220-

for ftp.

so it idents the remote connection and prints the username@host in the
first two lines to be a little more "obvious" that we really record such
things.

/usr/local/libexec/conlog is a little perl script that takes the data from
each connection, and appends it to a file.

/*
	ryan emory lundberg		http://www.incumbent.org/
	packet ninja, pki advocate	emory@incumbent.org
	"the dude abides."					/*

References:
- Re: almost motd
  - From: naddy@mips.inka.de (Christian Weisgerber)

Prev by Date: Re: Sound (volume) issues
Next by Date: Re: jdk1.2.2
Prev by thread: Re: almost motd
Next by thread: Re: RADIUS server for OpenBSD
Index(es):
- Date
- Thread