Date: Tue, 17 Feb 1998 10:30:12 -0500 From: Robert Beer <r-beer@onu.edu> To: Nikolas Kauer <kauer@pheno.physics.wisc.edu>, freebsd-questions@FreeBSD.ORG Subject: Re: Monitoring unsuccessful login attempts Message-ID: <l031028bbb10f5b8eeb3a@[140.228.15.35]> In-Reply-To: <9802162238.AA03614@pheno.physics.wisc.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
At 5:38 PM -0500 2/16/98, Nikolas Kauer wrote: >Is there a simple way or tool to check for high numbers >of unsuccessful login attempts (and only unsuccessful ones)? As Doug White already replied, you need to configure the syslogd from /etc/syslogo.conf. You might using something like this: # Consider making the authpriv log file restricted access authpriv.* /var/log/secure *.err;kern.debug;auth.notice;authpriv.none;mail.crit /dev/console *.notice;kern.debug;lpr.info;authpriv.none;mail.crit;news.err /var/log/messages Edit the appropriate pieces into the /etc/syslog.conf file and then issue the commands: touch /var/log/secure chmod u=rw,go= /var/log/secure kill -1 `cat /var/run/syslog.pid` If you really want the file to be secure you could use the chflags command with the sappnd flag/option. --- Bob Beer <r-beer@onu.edu> Ohio Northern University, Academic Computer Services, Ada, OH 45810 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?l031028bbb10f5b8eeb3a>