Security Basics mailing list archives
RE: Remotely check login status
From: "Chadha, Sachin" <Sachin.Chadha () ocwen com>
Date: Tue, 20 Jan 2009 22:41:20 +0530
Commands to check who is currently logged in to the computer remotely.
WINDOWS
=============
qwinstall in XP
session in 2003
eg : qwinsta /server:IP &&
query session /server:IP in server ed.
UNIX
=============
*nix flavor: try "w" ...as said by others...
Regards
Sachin Chadha
-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On Behalf Of Jason Hurst
Sent: Tuesday, January 20, 2009 5:30 AM
To: Francesc Vila; Christian Eibl
Cc: security-basics () securityfocus com
Subject: RE: Remotely check login status
Hi List,
For Windows machines, you can download the Sysinternals suite from
Microsoft.
http://technet.microsoft.com/en-us/sysinternals/0e18b180-9b7a-4c49-8120-
c47c5a693683.aspx
Once downloaded, one of the utilities is called PSLOGGEDON.
You can type PSLOGGEDON \\computer_name or IP_address and it will tell
you who is logged on to that machine.
Hope that helps.
Jason Hurst
Network Security Administrator
Panda Restaurant Group
jason.hurst () pandarg com
Work: (626) 799-9898 ext. 8662
Direct: (626) 372-8038
Fax: (626) 372-8397
-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On Behalf Of Francesc Vila
Sent: Monday, January 19, 2009 11:42 AM
To: Christian Eibl
Cc: security-basics () securityfocus com
Subject: Re: Remotely check login status
Hi christian
Well, I am not a windows expert, and I don't know what command you
could use (but I'm pretty sure there is some). In linux, solaris, bsd
(as I am aware) you could use the w command to see who is logged in.
I'm not sure if you're asking about this.... but well, you have to be
careful because if you are looking for someone who has penetrated in
the system, the output could be incorrect....
Francesc
On Sat, Jan 17, 2009 at 10:41 PM, Christian Eibl <chreibl () gmx de> wrote:
Hi all, I was wondering, if there exist means of checking remotely whether
someone
is already logged onto the system. Since most modern systems today
need
users to input their authentication data instead of automatically
provide
full access, there obviously are different states in the operating
systems,
i.e., just completely started up or even with users active in the
system.
This question does not aim at a specific OS but is meant for all
systems.
The most obvious way of such checks would consist of specific network services only started by certain users on the systems. Well, I am no Windows geek, but I could also imagine that file or printer sharing together with this port 139 / 445 stuff could provide information
about
this, but I am not sure... Anyone an idea how or whether this is possible? It is especially
interesting
concerning privacy within networks. Regards, Christian
******************************************************************************************************* This E-mail message and its attachments, if any are intended solely for the use of the addressee hereof. In addition, this message and the attachments, if any may contain information that is confidential, privileged and exempt from disclosure under applicable law. If you are not the intended recipient of this message, you are prohibited from reading, disclosing, reproducing, distributing, disseminating or otherwise using this transmission. Delivery of this message to any person other than the intended recipient is not intended to waive any right or privilege. If you have received this message in error, please promptly notify the sender by reply E-mail and immediately delete this message from your system. Instructions transmitted over this system are not binding on us until they are confirmed by us. Message transmission is not guaranteed to be secure or free of software virus. While Ocwen Financial Corporation and its subsidiaries collectively "Ocwen" takes every reasonable precaution to minimize such risks, Ocwen cannot accept liability for any damage sustained by you or any third party as a result of software viruses. *******************************************************************************************************
Current thread:
- Remotely check login status Christian Eibl (Jan 19)
- Re: Remotely check login status Francesc Vila (Jan 19)
- RE: Remotely check login status Jason Hurst (Jan 20)
- RE: Remotely check login status Chadha, Sachin (Jan 20)
- RE: Remotely check login status Jason Hurst (Jan 20)
- Re: Remotely check login status Meta Junkie (Jan 19)
- Re: Remotely check login status Salvador III Manaois (Jan 20)
- Re: Remotely check login status Nikhil Wagholikar (Jan 20)
- RE: Remotely check login status Dan Denton (Jan 20)
- Re: Remotely check login status Christian Eibl (Jan 21)
- RE: Remotely check login status Jeremi Gosney (Jan 21)
- <Possible follow-ups>
- Re: Remotely check login status chmod177 (Jan 21)
- Re: Remotely check login status Francesc Vila (Jan 19)