From owner-freebsd-hackers Mon Feb 10 00:52:07 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id AAA19561 for hackers-outgoing; Mon, 10 Feb 1997 00:52:07 -0800 (PST) Received: from sax.sax.de (sax.sax.de [193.175.26.33]) by freefall.freebsd.org (8.8.5/8.8.5) with SMTP id AAA19555 for ; Mon, 10 Feb 1997 00:52:03 -0800 (PST) Received: (from uucp@localhost) by sax.sax.de (8.6.12/8.6.12-s1) with UUCP id JAA11692 for freebsd-hackers@freebsd.org; Mon, 10 Feb 1997 09:52:01 +0100 Received: (from j@localhost) by uriah.heep.sax.de (8.8.5/8.6.9) id JAA18724; Mon, 10 Feb 1997 09:41:31 +0100 (MET) Message-ID: Date: Mon, 10 Feb 1997 09:41:31 +0100 From: j@uriah.heep.sax.de (J Wunsch) To: freebsd-hackers@freebsd.org (FreeBSD hackers) Subject: Fwd: daily insecurity output X-Mailer: Mutt 0.55-PL10 Mime-Version: 1.0 X-Phone: +49-351-2012 669 X-PGP-Fingerprint: DC 47 E6 E4 FF A6 E9 8F 93 21 E0 7D F9 12 D6 4E Reply-To: joerg_wunsch@uriah.heep.sax.de (Joerg Wunsch) Sender: owner-hackers@freebsd.org X-Loop: FreeBSD.org Precedence: bulk Btw., running /usr/bin/login manually causes enough traces in the logs. :-) -----Forwarded message from root (Charlie Root)----- From: Charlie Root Subject: daily insecurity output checking auth info: Feb 9 12:23:46 uriah login: login on ttyp2 as j -----End of forwarded message----- Sure, there's no hostname mentioned, but since you can't login on a pty without either getting there from a remote host, or from a previous session, that should be simple to track. I don't think it's a major security issue. -- cheers, J"org joerg_wunsch@uriah.heep.sax.de -- http://www.sax.de/~joerg/ -- NIC: JW11-RIPE Never trust an operating system you don't have sources for. ;-)