Re: Need to limit number of logins by IP address on server (long) .

From: Green, Simon (SGreen@KRAFTEUROPE.COM)
Date: Tue Sep 24 2002 - 13:12:59 EDT

• Next message: Larry Scheetz: "RS/6000 F50 Disk capacity question"
• Previous message: Bob Booth - UIUC: "Re: Sometimes core-dump when killing TSM-client scheduler"
• Maybe in reply to: Jolet, John: "Re: Need to limit number of logins by IP address on server (long) ."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

I haven't done this myself, but I think I'd be inclined to count it all up
each time someone tries to log in, rather than keep some sort of history.
Potentially not as efficient but logically much simpler and less prone to
error, I would think.

Simon Green
Philip Morris ITSC Europe

AIX-L Archive at http://marc.theaimsgroup.com/?l=aix-l&r=1&w=2
AIX FAQ at http://www.faqs.org/faqs/aix-faq/

N.B. Unsolicited email from vendors will seldom be appreciated.

> -----Original Message-----
> From: Chladek, Dave [mailto:Dave.Chladek@NHMCCD.EDU]
> Sent: 24 September 2002 16:56
> To: aix-l@Princeton.EDU
> Subject: Need to limit number of logins by IP address on
> server (long).
>
>
> Hey guys, I'm in a bit of a pickle here and I hope, but
> doubt, that someone
> else has already invented this wheel. My administration
> wants to limit the
> number of sessions, a single user can have at any given time,
> to a specific
> number of concurrent telnet sessions per user id/login. This
> number can be
> from 1 to 10 but the kicker is... only if they are coming
> from the same IP
> number.
>
> I currently have a process that reads a file and checks the number of
> sessions they are currently logged into and gently notified
> them if they are
> exceeding it but it does not check to make sure they are from
> the same IP
> address. It sounds easy but I'm unsure of how to approach
> this. I was
> thinking of writing to a flat file each time the user logs in specific
> information using the 'who -m' command which logs the login
> id, tty, date &
> time and IP address for that session. Then I would compare with any
> previous login IP address and if it's OK then write it and
> allow them to log
> in. When they log out of the system, it would remove the specific
> information from the flat file and use this as a check. I
> think I'm over
> complicating this process and looking for any suggestions.

• Next message: Larry Scheetz: "RS/6000 F50 Disk capacity question"
• Previous message: Bob Booth - UIUC: "Re: Sometimes core-dump when killing TSM-client scheduler"
• Maybe in reply to: Jolet, John: "Re: Need to limit number of logins by IP address on server (long) ."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Wed Apr 09 2008 - 22:16:13 EDT