Darxus on Mon, 6 Dec 1999 16:02:52 -0500 (EST)

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [Plug] ttysnoop and /dev/vcs#

On Mon, 6 Dec 1999 tburba@GLCORPIS01.usvision.com wrote:

> I attempted to (over)simplify the scope of the project -- for the sake of
> discussion. [...takes a deep breath]
> Our hosts have:
> -- discreet serial ports (/dev/ttyS#) (I know they are not part of
> /dev/pts/# and the Unix 98 standard)
> -- many telnet pseudo ports using the /dev/pts Unix 98 standard
> -- A very expensive, vertical market application running that requires the
> following, among others:
>      -- mgetty (contractual [read expensive] obligations require it)
> (although, you've implied, mgetty is not an issue)
>      -- RH6.0 (contractual [read expensive] obligations prevent us from
> using debian as our Distro)
> -- 700 sites, each having a mini-network of these machines. Each network,
> having both serial and pseudotty telnet connections is connected to our
> Home Campus via dialup modem based connections using uucp

Okay, so the 2 kinds of connections you want to snoop are serial/mgetty,
and telnet ?

There are examples for both in the /etc/snooptab file...

# example:  (for /etc/inetd.conf)
# telnet stream tcp nowait root /usr/sbin/tcpd /usr/sbin/in.telnetd -L /usr/sbin/ttysnoops
# example /etc/inittab (using agetty):
# s2:23:respawn:/sbin/getty 38400 ttyS2 vt100 -l /usr/sbin/ttysnoops

Basically, you just need to tell in.telnetd (the telnet daemon) and mgetty
to use /usr/sbin/ttysnoops instead of /bin/login.  So in /etc/inetd.conf,
add "-L /usr/sbin/ttysnoops" to the end of the telnet line, and in
/etc/inittab, add "-l /usr/sbin/ttysnoops" to the end of your serial
mgetty lines (assuming the syntax for mgetty is identical to getty for

Will it work ?  I have no idea.  I'll try what I can when I get home.

PGP fingerprint = 03 5B 9B A0 16 33 91 2F  A5 77 BC EE 43 71 98 D4
            darxus@op.net / http://www.op.net/~darxus
             Find the next largest prime, be famous:

Plug maillist  -  Plug@lists.nothinbut.net