LinuxQuestions.org
LinuxAnswers - the LQ Linux tutorial section.
Go Back   LinuxQuestions.org > Forums > Other *NIX Forums > AIX
User Name
Password
AIX This forum is for the discussion of IBM AIX.
eserver and other IBM related questions are also on topic.

Notices

Reply
 
Search this Thread
Old 04-25-2007, 12:59 PM   #1
acascianelli
Member
 
Registered: Oct 2002
Location: Michigan
Distribution: Ubuntu 9.04
Posts: 60

Rep: Reputation: 15
Keylogger for AIX


I need a way of logging all output to the screen on AIX for logging telnet sessions. I've been using the script command but the problem I found with this is that there is some sort of buffer that is filled before the data is written to a file and if the telnet session is terminated abruptly, so is th script command, and I lose a considerable amount of data. If the session is ended properly, with an exit command, then everything works well.

Is there any other way of doing the logging that I want? I'd even be willing to manually edit the script command if I had the source code.
 
Old 04-25-2007, 02:26 PM   #2
MensaWater
Guru
 
Registered: May 2005
Location: Atlanta Georgia USA
Distribution: Redhat (RHEL), CentOS, Fedora, Debian, FreeBSD, HP-UX, Solaris, SCO
Posts: 5,950
Blog Entries: 5

Rep: Reputation: 755Reputation: 755Reputation: 755Reputation: 755Reputation: 755Reputation: 755Reputation: 755
You might want to telnet in, start "screen" THEN start "script". The "screen" command allows you to attach and detach from a session even on different terminals. If your session aborts you should be able to log back in and reattach to the "screen" session.

"screen" like "script" is a program you'd likely have to download.

One caveat - "screen" has its own hot keys like "script" does. I recall doing "screen" and "script" together on HP at a prior job but seem to recall having had to play with the hot keys because they had one in common.
 
Old 04-25-2007, 02:36 PM   #3
osor
HCL Maintainer
 
Registered: Jan 2006
Distribution: (H)LFS, Gentoo
Posts: 2,450

Rep: Reputation: 70
Quote:
Originally Posted by acascianelli
I'd even be willing to manually edit the script command if I had the source code.
Here’s where we GNU/Linux people get out “script” command from. And here’s a direct link to a BSD one that’s a bit more portable. <insert jab at big-iron users here>
 
Old 04-25-2007, 02:37 PM   #4
acascianelli
Member
 
Registered: Oct 2002
Location: Michigan
Distribution: Ubuntu 9.04
Posts: 60

Original Poster
Rep: Reputation: 15
Script looks to be installed by default. I'll do some researching into screen though.

Update...

Is 'screen' the same as 'dscreen'?

Last edited by acascianelli; 04-25-2007 at 02:46 PM.
 
Old 04-25-2007, 02:58 PM   #5
MensaWater
Guru
 
Registered: May 2005
Location: Atlanta Georgia USA
Distribution: Redhat (RHEL), CentOS, Fedora, Debian, FreeBSD, HP-UX, Solaris, SCO
Posts: 5,950
Blog Entries: 5

Rep: Reputation: 755Reputation: 755Reputation: 755Reputation: 755Reputation: 755Reputation: 755Reputation: 755
dscreen not mentioned in man page for screen so I don't think so but I don't know what dscreen is.
 
Old 04-25-2007, 03:02 PM   #6
acascianelli
Member
 
Registered: Oct 2002
Location: Michigan
Distribution: Ubuntu 9.04
Posts: 60

Original Poster
Rep: Reputation: 15
Quote:
dscreen Command

Purpose

Starts the Dynamic Screen utility.

Syntax

dscreen [ -i InfoFile ] [ -t TermType ]

Description

The dscreen command starts the Dynamic Screen utility, which allows a single
physical terminal to be connected to several virtual sessions, or screens, at
one time.

If no flags are specified, the dscreen command reads the description for the
terminal specified in the TERM environment variable from the file specified in
the DSINFO environment variable. If the DSINFO environment variable is not
specified, the terminal description is read from the /etc/dsinfo file. A
terminal description typically contains the following configuration information:

o Keys used with the Dynamic Screen utility and their function
o Number of pages of screen memory the terminal has available
o Code sequences that must be sent or received to access and use Dynamic
Screen features
This is from the man page of dscreen.
 
Old 04-25-2007, 06:14 PM   #7
acascianelli
Member
 
Registered: Oct 2002
Location: Michigan
Distribution: Ubuntu 9.04
Posts: 60

Original Poster
Rep: Reputation: 15
Let me clarify what I need...

We have about 15 AIX boxes, they run an application which is served out to our clients. Every so often, the software vendor will need to telnet into the servers and make whatever changes they need to do. A few times, they have been logged in and some change they did cause some downtime. I was given the task of figuring out how to the telnet session. I want to log all input, and output to the display.
 
Old 04-27-2007, 08:47 AM   #8
acascianelli
Member
 
Registered: Oct 2002
Location: Michigan
Distribution: Ubuntu 9.04
Posts: 60

Original Poster
Rep: Reputation: 15
This bit of code may have solved all my problems...

Code:
until [[ $LOOPSTATUS = "false" ]] ;
do
 cd $CURRENTPATH
 read log?"$ "
 echo "$ $log" >> $FILENAME
 if [[ $log = cd* ]] ; then
  CURRENTPATH=`$log && pwd`
 elif [[ $log = exit ]] ; then
  LOOPSTATUS=false
 else
  exec $log | tee -a $FILENAME
 fi
done
...A wee bit more complicated than a simple script command, but it solves the problem I was having with the log files being incomplete. It is also a little more difficult to detect that it is running.

Last edited by acascianelli; 04-27-2007 at 10:42 AM.
 
Old 04-30-2007, 07:48 AM   #9
acascianelli
Member
 
Registered: Oct 2002
Location: Michigan
Distribution: Ubuntu 9.04
Posts: 60

Original Poster
Rep: Reputation: 15
...I'm still having problems. That last bit of script was interesting but I learned some of the problems with using the 'tee' command.

So if anybody else has any input on logging telnet or ksh sessions I'd appreciate some help.
 
Old 05-01-2007, 12:28 PM   #10
acascianelli
Member
 
Registered: Oct 2002
Location: Michigan
Distribution: Ubuntu 9.04
Posts: 60

Original Poster
Rep: Reputation: 15
More keylogging goodness. The following command writes all stdin and stdout to a log file in realtime...

Code:
exec script /dev/null | tee $FILENAME
It's is kind of ironic that what I couldn't accomplish with a tee and script command independently, I am able to do with both commands in conjunction.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
keylogger? |2ainman Linux - Security 4 08-21-2013 03:48 AM
Linux keylogger roclok Linux - Software 61 03-08-2010 08:47 AM
anti keylogger lini Linux - Security 4 01-07-2006 05:56 AM
keylogger in java? Laptop2250 Programming 2 01-08-2005 05:27 PM
help with lkl keylogger br0k3n Linux - Software 0 07-22-2004 04:55 PM


All times are GMT -5. The time now is 08:47 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration