On Tue, 30 Sep 1997, Adrian Rollett wrote:
> Being somewhat paranoid, but mostly curious, I would like to have some
> sort of monitor that will sit there in X and note all incoming connections
> (telnet, ftp, etc.) Anyone know of anything like this?

syslog would be the easiest way to do it I think.  It sorta depends on how you 
have everything set up.  For example, if ftpd's entry is ftp -l, then it will
record all logins.  If it is ftp -l -l, then it will record logins and 
transfers.  Also, I don't think that you can get telnetd to log incoming
connections.  In terms of logging in, the only info that syslog gets is su
attempts and successes.   You are also limited by what programs use syslog.
One thing I do is have my cgi scripts use syslog, using the local* facility.

Just for reference, my NetBSD box is sitting on my desk, but it is just a
server, and not my primary machine, so for most of the time, I just have
tail -f /var/log/syslog running on the console.  It isn't too useful, 
but I know the instant I get mail...

----------------------------------------

Dan Heller
heller@andrew.cmu.edu
http://www.andrew.cmu.edu/~heller/

"You'll find many of the truths we cling to depend greatly
    on our point of view"