warning message summary

From: Gordon Kido SE12 4176 (se12gsk@nwac.sea06.navy.mil)
Date: Thu Oct 01 1992 - 02:53:15 CDT


   Several weeks ago, I wrote:

      I have been looking for way to able to output a message to a user
before he or she sees the login message on our Sun 3's and 4'ss. I
especially need this when someone tries to telnet or ftp to our Suns.
We are running under SunOS 4.1.1.. Does anyone have a solution to this
problem?

     Thanks to all who replied to my problem. I had many replies. The
following is a summary of the various solutions.

 1) Put the warning message in /etc/motd, the message of the day.

  I already did this before but this is seen only after one signs onto
  the computer.

 2) Use a "wrapper" for in.telnetd. Change the line in /etc/inetd.conf
  from
telnet stream tcp nowait root /usr/etc/in.telnetd in.telnetd
  to
telnet stream tcp nowait root /.../telnet.msg in.telnetd

Telnet.msg is simply a script that outputs the warning and then invokes the telnet daemon process. Where this script lives is up to you - ours is in /usr/local/scripts. An example is:

#!/bin/sh
#
/usr/5bin/echo
/usr/5bin/echo "_]_]_]_]_]_]_]_]_]_]_]_]_]_]_]_]_]_]_]_]_]_]_]_]_]_]_]_] \r"
/usr/5bin/echo "_] _] \r"
/usr/5bin/echo "_] THIS IS A PRIVATE COMPUTING SYSTEM, _] \r"
/usr/5bin/echo "_] RESTRICTED TO AUTHORIZED USERS. _] \r"
/usr/5bin/echo "_] _] \r"
/usr/5bin/echo "_] UNAUTHORIZED ACCESS OR USE WILL _] \r"
/usr/5bin/echo "_] RESULT IN PROSECUTION. _] \r"
/usr/5bin/echo "_] _] \r"
/usr/5bin/echo "_]_]_]_]_]_]_]_]_]_]_]_]_]_]_]_]_]_]_]_]_]_]_]_]_]_]_]_] \r"
/usr/5bin/echo
/usr/5bin/echo
exec in.telnetd

This solved the problem regarding telnet.

  3) Another common response was about using this type of entry in the
      /etc/gettytab file:

       :im=\r\n\r\n\r\n\r\n NOTICE\072 THIS PRIVATE SYSTEM IS RESTRICTED TO AUTHORIZED USERS.\r\n UNAUTHORIZED ACCESS OR USE WILL RESULT IN PROSECUTION.\r\n\r\n\n\n\n%h :\ :sp#9600:

     This was already implemented on our machines. This only works on consoles.
>
   4) Here is another response for telnet. There is a package to log TCP
      service requests and to restrict access. It can be modified to put
      out messages before starting up a telnet session. It is available
      by anonymous ftp on:
      ux.cso.uiuc.edu:/net/log_tcp

   5) Here is another solution for telnet which is similar to the one involving
      a wrapper.

       Use the following program telnetd.banner.c
main ()
{
        system("/bin/cat /etc/telnetbanner");
        execl("/usr/etc/in.telnetd.real","/usr/etc/in.telnetd.real",(char *)0);
}

 the banner file
  **********************************************************
 **** You are attempting to login to an XXXXXXXX ****
**** ****
 **** UNAUTHORIZED ACCESS WILL BE PROSECUTED ****
  **********************************************************

the Makefile
a.out: telnetd.banner.c
        cc telnetd.banner.c

install: a.out
        if [ \! -f /usr/etc/in.telnetd.real ]; then\
                mv /usr/etc/in.telnetd /usr/etc/in.telnetd.real;\
        fi
        cp a.out /usr/etc/in.telnetd
        chmod 755 /usr/etc/in.telnetd
        chown root.staff /usr/etc/in.telnetd
        if [ \! -f /etc/telnetbanner ]; then\
                cp telnetbanner /etc/telnetbanner;\
        fi
        chmod 644 /etc/telnetbanner

and the install

#!/bin/csh -f

make install >/dev/null

       6) A common response for ftp was to change ftpd.

       I obtained source code for both ftp and ftpd via anonymous ftp
       and I'm in the process of seeing if it can run on our Sun's.

  I would like to thank all those responded.

 ups!kevin@fourx.Aus.Sun.Com(Kevin Sheehan)
 Perry_Hutchison.Portland@xerox.com(Perry Hutchison)
 russell@ag.auburn.edu(Ronald C. Russell)
 phillips@athena.Qualcomm.COM(Marc Phillips)
 vasey@issi.com(Ron Vasey)
 stanley@skyking.oce.orst.edu(John Stanley)
 wis@csd4.csd.uwm.edu(Bill Stapleton)
 turtle@sciences.sdsu.edu(Andrew Scherpbier)
 stern@sunne.East.Sun.COM(Hal Stern)
 dme9246@eeidf002.ca.boeing.com(Dave Estlick)
 phil@dgbt.doc.ca(Phil Blanchfield)
 js@princeton.edu(Jay Sekora)
 john@solar.nova.edu(John Paul O'Brien)
 mdl@cypress.com(J. Matt Landrum)
 fgreco@fis1026.shearson.com(Frank Greco)
 reynolds@icgmfg.mke.ab.com(Michael D. Reynolds)
 steve@pinet.aip.org(Stephen M. LuShing)
 ian@vortex.yorku.ca(Ian Lumb)
 chuck-strickland@orl.mmc.com(Malcom C. Strickland)
 hasley@bgsu.edu(John C. Hasley)
 rich_b@oldham.gpsemi.com(Richard Bogusz)
 Bernards@ECN.NL)Marcel Bernards)
 sommer@vsun02.ag01.Kodak.com(Tilman Sommer)
 birger@vest.sdata.no(Birger A. Wathne)
 mann@emma.la.asu.edu(Mark Mann)
 bzs@world.std.com(Barry Shein)
 strata@eddie.mit.edu(M Strata Rose)
 bb@math.ufl.edu(Brian Bartholomew)
 tommy@homxb.att.com
 howie@ivory.cc.columbia.edu(Howie Kay)

 



This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:06:50 CDT