User Terminal Session Logging
May 31, 2009
I'm looking at allowing remote telnet into my server.
like any security-minded administrator, I want to log what my users type on the telnet session.
I'm using the script command to generate transcripts of the users session.
I have /etc/profile set to automatically start the script command to log user activity, and in /etc/bash.bash_logout I have a command that emails me the transcript of the users' session.
All of the above works well except for one thing:
the users can type "exit" to escape from my script logging and any commands they type won't get logged.
View 14 Replies
ADVERTISEMENT
Oct 7, 2007
I have just got a resellers VPS and my host installed HyperVM 2.0 and when I logged in it works but then I get logout and then get this error:
IP Address Changed Amidst Session. Possible Session Hijacking.
then it takes my host admin time to fix it and now they will not do any think so i can not now use it (login). Not Good is there something I can do?
all I can think is that it is my ISP IP (Dynamic IP Address) which keeps changing.
View 13 Replies
View Related
Jun 14, 2009
how to add in additional Windows Terminal Licenses SALs for SPLA in the system?
View 1 Replies
View Related
Jan 21, 2008
Recently we have been having users come to us saying that they are unable to type anything in any of our terminal servers. The first scenario is that the user cannot type anything and when I view their screen using Terminal Services Manager they are able to type again. The second scenario is that the user cannot type anything and then they have to minimize the terminal client and click the desktop. Once they click the desktop or type anything on their local computer everything is fine.
We are using the latest RDP client in XP from Microsoft. Our servers that we have had the issue on are: Server 2003 R2 Enterprise x64 SP2 and Server 2003 Enterprise SP2.
View 7 Replies
View Related
Jul 13, 2009
i have a dedicated server windows 2008
and i created users on the group (remote desktop users)
but only 2 users can join online
how can i increase this?
View 4 Replies
View Related
Nov 9, 2007
Does anybody know of a datacenter somewhere in Massachusetts that would allow me to colo a tower server along with a sonicwall SSLVPN and firewall? I need maybe 1,000 - 2,000GB/month transfer on a 10mbit port. Ideally under $100/month.
View 6 Replies
View Related
May 31, 2008
I'd setup a Foundry 2402CF at home with a terminal port connection. When I got it to the data center I could not connect to the terminal port using the same connection settings I used at home.
Thought it might be the cable, so tested it with an FWS2, which worked fine.
Could the port have gone bad on the trip to the DC, or is there some security setting I'm missing?
View 6 Replies
View Related
Jun 4, 2008
Is there any hosting company offering Windows VPS with multiple terminal licenses to use to access the server via Remote Desktop Connection?
View 3 Replies
View Related
Sep 22, 2008
Can anyone recommend reliable a Windows VPS host that allows you to run Terminal Services?
View 1 Replies
View Related
Feb 21, 2007
How do I lock down my Windows 2003 server so NO ONE can terminal service in UNLESS they are connected through the PRIVATE network? The server is hosted with Softlayer which allows a private network.
Basically, I want to connect to the SL private network and then terminal service in to get in.
When I connect to the private network, my primary IP/network is STILL my ISP's network. If I goto ipchicken.com, I see my ISP's ip.
However, if I do an ipconfig listing, I see the SL private network ip listed as well (it's just not primary). Hopefully, that won't restrict me from terminal servcing in when I lock down the server.
View 4 Replies
View Related
May 26, 2007
I am unable to set the background for the users on a terminal server.
The server is running Windows server 2003 R2 64 bit Enterprise edition.
I have setup the background path correctly in the group policy for the ou where the users are located. However the background does not load. I have also enabled Active Desktop in the terminal services configuration manager.
Also when I try to set the background manually as the administrator, everything is grey and I am unable to set the background. I have tried to start the Themes service but this does not resvolve the problem. Do anybody here have a suggestion on why I am unable to set the background even on the administrator user manually? (the administrator user does not have any group policies activated).
View 9 Replies
View Related
Jul 31, 2009
1) If I'm logged into my {other VPS} with Putty, then
ssh root@67.xx.xx.xxx
successfully logs me into {new VPS}, after the password prompt, so I know the root password can login (some of the time)
2) ...but not my Windows computer, both Putty, and SFTP fail.
The SFTP error message is :
"ERROR:> [7/31/2009 9:48:08 AM] Can't connect to 67.xx.xx.xxx:22. SFTP21 error = #0."
Port 22 is correct, according to hosting support.
3a) Hosting support said...
"Based on the information you have provided to us, I am assuming that either your firewall or ISP is blocking the standard 22 SSH port. If you would like, we can change this to a custom port number."
3b) That response doesn't help, since I'm using port 22 for the {other VPS}
View 3 Replies
View Related
Apr 5, 2009
Is it possible to log only SQL queries/transactions for a single account (domain)?
I can easily enable logging for the entire server, but I really only need it for a single domain.
MySQL version 5.0.67
View 0 Replies
View Related
May 6, 2009
Firstly this question is not related to running a web hosting business, but to dedicated servers hosting our own websites.
I was just wondering, other than security reasons, what is the importance (if any) of keeping Apache/WWW logs? Are there legal reasons?
If it is best to keep Apache logs, how should we go about this? If we don't look after them properly there will be massive amounts of logs being kept - what is the best way to store them? I know they can be "rolled over" and kept for a certain amount of time, which is the best utility to do this?
The OS is Linux (CentOS) and the web servers are Apache and Lighttpd.
and should proxy/gateway/cache server logs be kept?
View 2 Replies
View Related
Jun 10, 2008
I just bought a new dedicated server and have got Lxadmin on it. Now lxadmin , automatically uses a different loggin system than I would want it to use. It creates a seperate log file for each doamin.
They are located in /home/httpd/EXAMPLE.com/stats
EXAMPLE.com-error_log
EXAMPLE.com-custom_log
Now the problem is that I have literally hundreds of domains and I want it to instead log at a single place and not at these hundreds of seperate places.
This is the root cause of my problem
# The location and format of the access logfile (Common Logfile Format).
# If you do not define any access logfiles within a <VirtualHost>
# container, they will be logged here. Contrariwise, if you *do*
# define per-<VirtualHost> access logfiles, transactions will be
# logged therein and *not* in this file.
I am unable to have any kind of centralised logging command because of the individual entries for each Virtual host.
Even if i can manually remove those entries once, and new domain created by lxadmin will have that same problem. Morevoer, any kind of update of lxadmin which rebuilds the database will also ruin all the hardwork that I put in.
Is there any suggestion / solution to this problem? Have centralised data at one place in a single file?
View 4 Replies
View Related
Jul 20, 2008
Who here uses remote logging?
If yes state what you are using after voting on the poll.
View 6 Replies
View Related
Nov 4, 2007
We have quite a large number of servers now but I'm now finding it harder and harder to keep log of the number of details for it. How do the bigger guys keep control on this? Ie: Keeping logs of the serial/product keys of each part in the server, where they were ordered from, what date was it ordered etc?
My collection of growing motherboard, ram, processor boxes (which all store the serials of the products on) are now slowly taking over the office even when flat packed. I normally just write on each of the boxes where the product was ordered from, date of order and server name. While this is all well and good.. 50 servers later it can be a bugger to find the serial of that dedi mobo without going to the DC.
I tried my efforts at a simple Access database but I kept finding I spent more and more time typing in complex keycodes into the DB and just gave up. When this has been done it sounds nice and easy but then I hit another stump.
Ontop of logging a new servers details, how do you log which server is available to be sold, who its been sold too? ATM we have a VPN shared spreadsheet with all the details in (praying that the other employees will actually update it) but Im not sure if it will stand up when it hits 100+ servers rather than the 50+ atm.
View 5 Replies
View Related
Apr 29, 2008
Running Apache 2.2.2 and PHP 5.2.5, and my error_logs are filling up with PHP notices. I'd like to turn this feature off, but I must be missing something here. I've edited the php.ini and set error_reporting = E_ALL & ~E_NOTICE, and reloaded apache, but I still get the same php notices over and over again in the httpd error log.
View 1 Replies
View Related
Feb 22, 2007
For some reason on a box I have, it takes 25 seconds from the time I hit enter for a usernames password for it to login via SSH. I am running CentOS 4.4
Is there something I can check to see why it is taking so long and/or fix this?
View 5 Replies
View Related
Jan 8, 2007
Just turned on extended logging in exim. Went through the log (exim_mainlog) and have thousands of these:
2007-01-08 01:44:10 cwd=/tmp 2 args: /usr/sbin/sendmail -bS
2007-01-08 01:44:12 cwd=/tmp 2 args: /usr/sbin/sendmail -ti
2007-01-08 01:44:50 cwd=/tmp 2 args: /usr/sbin/sendmail -bS
Looked in the /tmp dir. and see nothing interesting. Looks like sendmail has been hijacked. Not sure what to look for now.
View 0 Replies
View Related
Oct 16, 2007
I have Cpanel VPS account, and have been regularly backing up all my outgoing emails (via SMTP, imap or webmail) with the following:
Added to following lines in /etc/antivirus.exim
Code:
if first_delivery
and ("$h_from:" contains "username@domain.com")
then
unseen deliver "backup@anotherdomain.com"
endif
So, this worked well for the longest time. At some point it 'disappeared' and stopped working which I guess was due to some update, and putting it back it got it working again.
Recently, I had a new vps, moved my domain there and dropped the same bit in, but this time around, it didn't work.
Is it possible that antivirus.exim isn't being parsed? How do I check? Or is there somewhere else I can stick it into so it'll always work and not get replaced by some cpanel update?
View 4 Replies
View Related
Nov 23, 2007
Is there any script which keep logging CPU and memory usage, sometimes server crashes and i want to know what caused it
View 4 Replies
View Related
May 7, 2007
I thought I knew enough about my .htaccess stuff to do this, but I can't seem to work it out. What I want to do is if a user visits domain.com/folder, we check to see if the folder exists. If so, show as normal (IE domain.com/support)
If a user visits domain.com/dynamicusername (dynamicusername is not a physical folder), redirect to dynamicusername.domain.com
View 3 Replies
View Related
Apr 28, 2008
Does anyone have snort logging to a mysql database?
I am trying to get that to work so I can view the alerts with BASE.
I followed the instructions but snort is not logging to the DB,
View 0 Replies
View Related
Feb 28, 2007
Does anyone have an app they use to track the bandwidth/usage for each connected computer/server?
we have multiple servers hooked up to one internet connection, all running miscrosoft windows software. Ideally i would like ONE of the servers running microsoft 2003 to log all others network usage.
All the servers do different things, so it would be great to check which are under most demand etc.
The other thing is, naturally i dont have screens for them all, only one. So this is the main reason for remote logging. Would be hassle to have to Remote desktop into each one to check how there doing every hour etc.
View 3 Replies
View Related
Feb 22, 2008
We have a box
Cpanel 11
PHP5+ Zend 3.3 +eaccelerator 0.9.5.2+Gzip
CentOS 4
our error_log keeps to have errors
No log handling enabled - turning on stderr logging
Cannot rename /var/net-snmp/snmpapp.conf to /var/net-snmp/snmpapp.0.conf
We have make sure net-snmp is up to date, but still these erros time to time
Client uses drupal system which seems not working well EA, causing a lot of segments fault
The worse is that it seems error happen only when eaccelerator installed
View 1 Replies
View Related
Aug 4, 2008
commands to log packets temporarily for a certain udp port with the IP information ect.
Any help would be appreciated. As for what I am doing, I am trying to find anything wierd or something that stands out from the packets sent from external IP's to my server.
View 3 Replies
View Related