Skip site navigation (1)Skip section navigation (2)
Date:      09 Mar 2001 09:22:31 -0500
From:      Lowell Gilbert <lowell@world.std.com>
To:        freebsd-questions@freebsd.org, jason@jason-n3xt.org
Subject:   Re: Logging log-ins/Security Question
Message-ID:  <44hf13xbrs.fsf@lowellg.ne.mediaone.net>
In-Reply-To: jason@jason-n3xt.org's message of "8 Mar 2001 07:07:51 %2B0100"
References:  <ICEEIHNIIMPDELNLPAGPOEHLCAAA.jason@jason-n3xt.org>

next in thread | previous in thread | raw e-mail | index | archive | help
jason@jason-n3xt.org (Jason Halbert) writes:

> I noticed in the daily run report (I'm assuming that's generated by a
> cron job) it lists login failures.  Is there a way to modify it so
> that it reports all logins, successful and failed; and perhaps even
> ftp logins as well?

The proper setting for syslog's auth facility should do this.  See the
manual for syslog.conf(5).

The daily run report is generated by periodic(8), which is indeed
invoked by cron.

> And a security question...
> I have noticed since I started running apache and a IRC server and
> somewhat a shell provider that I am getting more and more people
> trying to login via telnet and trying random crap to login.  Is this
> normal?  That may seem a stupid question, but I'm wondering about this
> from POV of anyone really being able to get in.

Yes, it's normal; the more people who know you have a server machine
on the Internet, the more people will poke at it.  Not all of them are
badly intentioned, although some are.  Make sure your defenses are up.
Start with http://www.freebsd.org/security/

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?44hf13xbrs.fsf>