Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Secure-Shell
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: who does not report any output with OpenSSH v4.5p1

from [jmacaranas] Network Security [Permanent Link]
Subject: RE: who does not report any output with OpenSSH v4.5p1
Date: Fri, 11 Jan 2008 09:26:05 -0500 
Maybe there is something wrong with UTMP file?

-----Original Message-----
From: listbounce@securityfocus.com [mailto:listbounce@securityfocus.com]
On Behalf Of Sharad
Sent: Friday, January 11, 2008 12:41 AM
To: secureshell@securityfocus.com
Subject: who does not report any output with OpenSSH v4.5p1

Hello Everyone,
 
I have this peculiar problem where in who does not
list the right output or even no output. This is
however not the case when I login over telnet or even
HPUX Secure Shell (built on OpenSSH version 4.3p2)
(OpenSSH_4.3p2-hpn, OpenSSL 0.9.7i 14 Oct 2005
HP-UX Secure Shell-A.04.30.007, HP-UX Secure Shell
version)
 
Here is the sample when using OpenSSH 4.5p1:
After login with my user id and switching to root, I
issue following commands:
 
[root@bdhp4639:/root]
# who -m
[root@bdhp4639:/root]
# who am i
[root@bdhp4639:/root]
# whoami
root
[root@bdhp4639:/root]
# who
bi5822     pts/3        Dec 18 06:16
 
Now I logout and issue same commands:
 
[root@bdhp4639:/root]
# exit
logout
 
[az8793@bdhp4639:/home/az8793]
$ who -m
[az8793@bdhp4639:/home/az8793]
$ who am i
[az8793@bdhp4639:/home/az8793]
$ whoami
az8793
[az8793@bdhp4639:/home/az8793]
$ 

Notice that I am not identified as my user id; az8793
and user bi5822 is not even logged on. I have moved
/var/adm/wtmp and wtmps and touched them already.

I am running OpenSSH v4.5p1 and OpenSSL 0.9.8d on HPUX
11iv2 IA64:
 
[az8793@bdhp4639:/home/az8793]
$ ssh -V 
OpenSSH_4.5p1, OpenSSL 0.9.7l 28 Sep 2006
[az8793@bdhp4639:/home/az8793]
$ openssl version
OpenSSL 0.9.8d 28 Sep 2006
 
Any help is greatly appreciated.
 
Thanks in advance.
 
Sharad Saraswat


 
________________________________________________________________________
____________
Be a better friend, newshound, and 
know-it-all with Yahoo! Mobile.  Try it now.
http://mobile.yahoo.com/;_ylt=Ahu06i62sR8HDtDypao8Wcj9tAcJ 


--------------------------------------------------------------------------------------------------------
This message and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom it is
addressed. It may contain sensitive and private proprietary or legally
privileged information. No confidentiality or privilege is waived or
lost by any mistransmission. If you are not the intended recipient,
please immediately delete it and all copies of it from your system,
destroy any hard copies of it and notify the sender. You must not,
directly or indirectly, use, disclose, distribute, print, or copy any
part of this message if you are not the intended recipient. 
FXDirectDealer, LLC reserves the right to monitor all e-mail 
communications through its networks. Any views expressed in this 
message are those of the individual sender, except where the 
message states otherwise and the sender is authorized to state them.

Unless otherwise stated, any pricing information given in this message
is indicative only, is subject to change and does not constitute an
offer to deal at any price quoted. Any reference to the terms of
executed transactions should be treated as preliminary only and subject
to our formal confirmation. FXDirectDealer, LLC is not responsible for any
recommendation, solicitation, offer or agreement or any information
about any transaction, customer account or account activity contained in
this communication.
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  who does not report any output with OpenSSH v4.5p1, Sharad
Next by Date:  Re: who does not report any output with OpenSSH v4.5p1, Logu
Previous by Thread:  who does not report any output with OpenSSH v4.5p1, Sharad
Next by Thread:  Re: who does not report any output with OpenSSH v4.5p1, Logu
Indexes:  [Date] [Thread] [Top] [All Lists]