when users do bad things
Hi list, User A starts to do things that he shouldn't be doing. Nothing dangerous but annoying, like typing eject just for fun. Any way to kill his connection to the server, in other words, kick him out and maybe keep him away for a few hours. As always, your help is appreciated. A.
On Sat, 2002-06-15 at 23:20, Alberto Santana wrote:
Any way to kill his connection to the server, in other words, kick him out and maybe keep him away for a few hours.
iptables -I INPUT -s source -i interface -j DROP;sleep #h;iptables -D INPUT -s source -i interface -j DROP Where source is his ip address. # is the number of hours and interface is the interface to which you want him denied. For example: iptables -I INPUT -s 192.168.10.2 -i ppp0 -j DROP;sleep 4h;iptables -D INPUT -s 192.168.10.2 -i interface -j ppp0 If you are using ipchains, just substitute iptables with ipchains. Charles -- "Never make any mistaeks." (Anonymous, in a mail discussion about to a kernel bug report.)
On Sat, 2002-06-15 at 23:57, Charles Philip Chan wrote:
iptables -I INPUT -s 192.168.10.2 -i ppp0 -j DROP;sleep 4h;iptables -D INPUT -s 192.168.10.2 -i interface -j ppp0
Sorry, typed too fast, this part should be: iptables -I INPUT -s 192.168.10.2 -i ppp0 -j DROP;sleep 4h;iptables -D INPUT -s 192.168.10.2 -i ppp0 -j DROP Charles -- "MSDOS didn't get as bad as it is overnight -- it took over ten years of careful development." (By dmeggins@aix1.uottawa.ca)
Hi list,
User A starts to do things that he shouldn't be doing. Nothing dangerous but annoying, like typing eject just for fun. Any way to kill his connection to the server, in other words, kick him out and maybe keep him away for a few hours.
put "alias eject logout" in his ~/.bashrc file ;-) Doug
On Sun, 16 Jun 2002, Douglas just had to get this off his chest:
Hi list,
User A starts to do things that he shouldn't be doing. Nothing dangerous but annoying, like typing eject just for fun. Any way to kill his connection to the server, in other words, kick him out and maybe keep him away for a few hours.
put "alias eject logout" in his ~/.bashrc file ;-)
I'd start by taking away the suid bits of all the files the users shouldn't use anyway, like eject. Theo -- Theo v. Werkhoven ICBM 52 8 24N , 4 32 40E. S.u.S.E 7.3 x86 Kernel 2.4.16-4GB See headers for PGP/GPG info.
On Sat, Jun 15, 2002 at 11:20:32PM -0400, santana@qtp.ufl.edu wrote:
Hi list,
User A starts to do things that he shouldn't be doing. Nothing dangerous but annoying, like typing eject just for fun. Any way to kill his connection to the server, in other words, kick him out
man killall
and maybe keep him away for a few hours.
either edit /etc/passwd and change his shell to /bin/false, or edit /etc/shadow and change the password field to "*" (without quotes). Make sure you keep a copy of the original so you can reinstate it. HTH... -- David Smith | Tel: +44 (0)1454 462380 Home: +44 (0)1454 616963 STMicroelectronics | Fax: +44 (0)1454 617910 Mobile: +44 (0)7932 642724 1000 Aztec West | TINA: 065 2380 Almondsbury | Work Email: Dave.Smith@st.com BRISTOL, BS32 4SQ | Home Email: David.Smith@ds-electronics.co.uk
participants (5)
-
Alberto Santana -
Charles Philip Chan -
Dave Smith -
Douglas Pichardo -
Theo v. Werkhoven