by Cliff Jon » Wed, 31 May 1995 04:00:00
by Mark W. Schuma » Thu, 01 Jun 1995 04:00:00
--
"Mike White: The Ralph Perk of the '90s. Bring back Dennis Kucinich in '97!"
by Shawn Bro » Thu, 01 Jun 1995 04:00:00
If you need more, get the lsof package (use archie to find it.)
Shawn
for the sake of a little safety deserve neither | Finger for PGP public key
liberty nor safety." - Benjamin Franklin | Thwart gov't - use PGP!
NSA PGP Bomb FBI Assassinate LSD Waco BATF AK-47 Thermite Sarin Methamphetamine
by Leslie Westm » Thu, 01 Jun 1995 04:00:00
do a 'man netstat' and see if you have thatQuote:>I manage a few unix boxes (mostly SCO and linux) and contiually find
users
>using telnet, ftp, trn, xterm ,etc and cannot find the ip address there
>going to. I 've tried the last command but it only lists telnet and ftp.
>Is there a way to see all address and ports a workstation connects to
????
by Mr Pi » Tue, 06 Jun 1995 04:00:00
netstat -a
1. User logging (WAS: Is it possible to log original IP addresses?)
OK, thanks to everyone who pointed me to X-Forwarded-For header,
which contains the address of client behind the proxy. It really works,
but it looks like in case of proxy forwarding request to another proxy
I'm getting the address of that previous proxy:
i.e. client->proxyA->proxyB->server and I log proxyA in X-Forwarded-For
...
Log format:
CustomLog xxxxx "%h %l %u %t \"%r\" %s %b \"%{Referer}i\"
\"%{User-Agent}i\" %{X-Forwarded-For}i"
Sample log line:
basil.ulcc.wwwcache.ja.net - - [19/Apr/2000:12:53:36 +0400] "GET
/Exclusive/exclusive_K8.html HTTP/1.0" 200 2783 "-" "Mozilla/4.0
(compatible; MSIE 5.0; Windows NT)" unknown, 194.82.103.8
nslookup 194.82.103.8
Name: quietly-confident.wwwcache.ja.net
#telnet 194.82.103.8 3128
Trying 194.82.103.8...
Connected to 194.82.103.8.
Escape character is '^]'.
GET /
HTTP/1.0 400 Bad Request
Server: Squid/2.2.STABLE5-hno.20000202
...
So proxyA = quietly-confident.wwwcache.ja.net, proxyB=
basil.ulcc.wwwcache.ja.net,
client= ???
So now my questions are:
1. Are my conclusions correct?
2. Are there any better methods for tracking server users, including
users
behind proxies? May be cookies will help and if yes, are there any tools
for
that?
3. Can anybody explain why I am getting 'unknown,' in this log line
"Mozilla/4.0 (compatible; MSIE 5.0; Windows NT)" unknown, 194.82.103.8
Other log lines look as they should be:
"Mozilla/4.7 [en] (Win98; I)" 193.232.8.111
Again, custom format here is
\"%{User-Agent}i\" %{X-Forwarded-For}i
Many thanks in advance
Michael
2. XF86401+KDE2... TrueType Fonts, No Wallpaper
3. Getting ip address of logged in user
4. Linux and people with disabilities
5. Am I seeing IPv5, or am I hallucinating?
6. How to configure HP Vectra "port mouse" under Linux?
7. IP Chains by User, not IP Address,
8. RIVA TNT AGP and XFree86 3.3.3.1 help!
9. IP accounting on a per-user basis, rather than per IP address.
10. command last sees user still logged on !
11. Ip-Masquerade and games over the net...what am I doing wrong????????
12. Why I am getting two IP addresses when I connect to my work through VPN
13. no terminal/ip address information displayed by "who am i"