Several weeks ago, I wrote:
I have been looking for way to able to output a message to a user
before he or she sees the login message on our Sun 3's and 4'ss. I
especially need this when someone tries to telnet or ftp to our Suns.
We are running under SunOS 4.1.1.. Does anyone have a solution to this
problem?
Thanks to all who replied to my problem. I had many replies. The
following is a summary of the various solutions.
1) Put the warning message in /etc/motd, the message of the day.
I already did this before but this is seen only after one signs onto
the computer.
2) Use a "wrapper" for in.telnetd. Change the line in /etc/inetd.conf
from
telnet stream tcp nowait root /usr/etc/in.telnetd in.telnetd
to
telnet stream tcp nowait root /.../telnet.msg in.telnetd
Telnet.msg is simply a script that outputs the warning and then invokes the telnet daemon process. Where this script lives is up to you - ours is in /usr/local/scripts. An example is:
#!/bin/sh
#
/usr/5bin/echo
/usr/5bin/echo "_]_]_]_]_]_]_]_]_]_]_]_]_]_]_]_]_]_]_]_]_]_]_]_]_]_]_]_] \r"
/usr/5bin/echo "_] _] \r"
/usr/5bin/echo "_] THIS IS A PRIVATE COMPUTING SYSTEM, _] \r"
/usr/5bin/echo "_] RESTRICTED TO AUTHORIZED USERS. _] \r"
/usr/5bin/echo "_] _] \r"
/usr/5bin/echo "_] UNAUTHORIZED ACCESS OR USE WILL _] \r"
/usr/5bin/echo "_] RESULT IN PROSECUTION. _] \r"
/usr/5bin/echo "_] _] \r"
/usr/5bin/echo "_]_]_]_]_]_]_]_]_]_]_]_]_]_]_]_]_]_]_]_]_]_]_]_]_]_]_]_] \r"
/usr/5bin/echo
/usr/5bin/echo
exec in.telnetd
This solved the problem regarding telnet.
3) Another common response was about using this type of entry in the
/etc/gettytab file:
:im=\r\n\r\n\r\n\r\n NOTICE\072 THIS PRIVATE SYSTEM IS RESTRICTED TO AUTHORIZED USERS.\r\n UNAUTHORIZED ACCESS OR USE WILL RESULT IN PROSECUTION.\r\n\r\n\n\n\n%h :\ :sp#9600:
This was already implemented on our machines. This only works on consoles.
>
4) Here is another response for telnet. There is a package to log TCP
service requests and to restrict access. It can be modified to put
out messages before starting up a telnet session. It is available
by anonymous ftp on:
ux.cso.uiuc.edu:/net/log_tcp
5) Here is another solution for telnet which is similar to the one involving
a wrapper.
Use the following program telnetd.banner.c
main ()
{
system("/bin/cat /etc/telnetbanner");
execl("/usr/etc/in.telnetd.real","/usr/etc/in.telnetd.real",(char *)0);
}
the banner file
**********************************************************
**** You are attempting to login to an XXXXXXXX ****
**** ****
**** UNAUTHORIZED ACCESS WILL BE PROSECUTED ****
**********************************************************
the Makefile
a.out: telnetd.banner.c
cc telnetd.banner.c
install: a.out
if [ \! -f /usr/etc/in.telnetd.real ]; then\
mv /usr/etc/in.telnetd /usr/etc/in.telnetd.real;\
fi
cp a.out /usr/etc/in.telnetd
chmod 755 /usr/etc/in.telnetd
chown root.staff /usr/etc/in.telnetd
if [ \! -f /etc/telnetbanner ]; then\
cp telnetbanner /etc/telnetbanner;\
fi
chmod 644 /etc/telnetbanner
and the install
#!/bin/csh -f
make install >/dev/null
6) A common response for ftp was to change ftpd.
I obtained source code for both ftp and ftpd via anonymous ftp
and I'm in the process of seeing if it can run on our Sun's.
I would like to thank all those responded.
ups!kevin@fourx.Aus.Sun.Com(Kevin Sheehan)
Perry_Hutchison.Portland@xerox.com(Perry Hutchison)
russell@ag.auburn.edu(Ronald C. Russell)
phillips@athena.Qualcomm.COM(Marc Phillips)
vasey@issi.com(Ron Vasey)
stanley@skyking.oce.orst.edu(John Stanley)
wis@csd4.csd.uwm.edu(Bill Stapleton)
turtle@sciences.sdsu.edu(Andrew Scherpbier)
stern@sunne.East.Sun.COM(Hal Stern)
dme9246@eeidf002.ca.boeing.com(Dave Estlick)
phil@dgbt.doc.ca(Phil Blanchfield)
js@princeton.edu(Jay Sekora)
john@solar.nova.edu(John Paul O'Brien)
mdl@cypress.com(J. Matt Landrum)
fgreco@fis1026.shearson.com(Frank Greco)
reynolds@icgmfg.mke.ab.com(Michael D. Reynolds)
steve@pinet.aip.org(Stephen M. LuShing)
ian@vortex.yorku.ca(Ian Lumb)
chuck-strickland@orl.mmc.com(Malcom C. Strickland)
hasley@bgsu.edu(John C. Hasley)
rich_b@oldham.gpsemi.com(Richard Bogusz)
Bernards@ECN.NL)Marcel Bernards)
sommer@vsun02.ag01.Kodak.com(Tilman Sommer)
birger@vest.sdata.no(Birger A. Wathne)
mann@emma.la.asu.edu(Mark Mann)
bzs@world.std.com(Barry Shein)
strata@eddie.mit.edu(M Strata Rose)
bb@math.ufl.edu(Brian Bartholomew)
tommy@homxb.att.com
howie@ivory.cc.columbia.edu(Howie Kay)
This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:06:50 CDT