Differences

This shows you the differences between two versions of the page.

--- pages:howtos:linuxunix:determine_connection_source_hosts [2021/12/01 16:56] – mischerh
+++ pages:howtos:linuxunix:determine_connection_source_hosts [2021/12/09 23:23] (current) – rokkitlawnchair
@@ Line 1: / Line 1: @@
-{{tag>wtmp strings hostname ip egrep grep utmpdump howto}}
+{{tag>wtmp strings hostname ip egrep grep utmpdump aix howto}}
 ====== determine connection source hosts ======
   * http://www.linuxquestions.org/questions/linux-security-4/var-log-wtmp-72976/
+  * https://linux.die.net/man/5/wtmp
 <sxh bash; gutter: false>
-strings /var/log/wtmp | egrep -vi "^pts\/|^ts\/" | grep -P "[a-z0-9_\-]+\.[a-z0-9_\-]+"
+strings /var/log/wtmp | egrep -vi "^pts\/|^ts\/" | grep -P "[0-9_\-]+\.[0-9_\-]+\.[0-9_\-]+\.[0-9_\-]+" | sort | uniq
 utmpdump /var/log/wtmp | less
+/usr/lib/acct/fwtmp < /var/adm/wtmp > /tmp/abc.out # AIX
+</sxh>
-/usr/lib/acct/fwtmp < /var/adm/wtmp > /tmp/abc.out
+----
-</sxh>
+~~DISCUSSION~~