VMS Help
SHOW, INTRUSION
 *Conan The Librarian (sorry for the slow response - running on an old VAX) 

    Displays the contents of the intrusion database.

    Requires SECURITY privilege.

    Format

      SHOW INTRUSION

  1 - Qualifiers

 1.1 - /NODE 

       /NODE[=(node-name[,...])]

    The /NODE qualifier displays each intrusion record with the
    supporting node information.

    If you specify individual nodes, the supporting node information
    is displayed only for the nodes listed.

 1.2 - /OLD 

    On VAX, displays the contents of the old kernel mode intrusion
    database. The kernel mode intrusion database was used by the
    system and layered products prior to OpenVMS VAX Version 6.1. It
    is still updated by the system to provide backwards compatability
    to applications that have not yet converted over to using the
    supported system services for access to the intrusion database.
    Entries added directly to the old kernel mode intrusion database
    by applications may be examined only by using the /OLD qualifier.

 1.3 - /OUTPUT 

       /OUTPUT[=filespec]

    Directs the output from the SHOW INTRUSION command to the file
    specified with the qualifier. By default, output from the command
    is displayed to SYS$OUTPUT.

 1.4 - /TYPE 

       /TYPE=keyword

    Selects the type of information from the intrusion database that
    is displayed. The valid keywords are as follows:

    ALL        All entries. By default, all entries are displayed.

    SUSPECT    Entries for login failures that have occurred but have
               not yet passed the threshold necessary to be identified
               as intruders.

    INTRUDER   Entries for which the login failure rate was high
               enough to warrant evasive action.

  2 - Examples 

    1.$ SHOW INTRUSION/OUTPUT=INTRUDER.LIS

      The SHOW INTRUSION command in this example writes all the
      entries currently in the intrusion database to the file
      INTRUDER.LIS.

    2.$ SHOW INTRUSION/TYPE=INTRUDER

      Intrusion   Type      Count    Expiration    Source
      TERMINAL    INTRUDER    9      10:29:39.16   AV34C2/LC-1-15:
      NETWORK     INTRUDER    7      10:47:53.12   NODE22::RONNING

      In this example, the SHOW INTRUSION command displays all
      intruder entries currently in the intrusion database.

    3.$ SHOW INTRUSION/NODE
       NETWORK      SUSPECT       5   26-JUL-2001 08:51:25.66  POPEYE::WONG
          Node: TSAVO      Count:    2
          Node: FROGGY     Count:    2
          Node: KITTY      Count:    1

      This command displays each intrusion record for all nodes.

    4.$ SHOW INTRUSION/NODE=(FROGGY,KITTY)
       NETWORK      SUSPECT       5   26-JUL-2001 08:51:25.66  POPEYE::HAMMER
          Node: FROGGY     Count:    2
          Node: KITTY      Count:    2

      This command displays intrusion record information for nodes
      FROGGY and KITTY.

    5.$ SHOW INTRUSION/NODE=EVMSA
      $

      This command shows that there are no intrusion records for node
      EVMSA.
  Close     HLB-list     TLB-list     Help  

[legal] [privacy] [GNU] [policy] [netiquette] [sponsors] [FAQ]
Tweet
Polarhome, production since 1999.
Member of Polarhome portal.