Date: Fri, 17 Mar 2006 03:07:54 +0200 (EET) From: Dmitry Pryanishnikov <dmitry@atlantis.dp.ua> To: Garance A Drosehn <gad@FreeBSD.org> Cc: freebsd-current@FreeBSD.org Subject: Re: src/etc/periodic/security/800.loginfail Message-ID: <20060317030230.G64324@atlantis.atlantis.dp.ua> In-Reply-To: <p06230912c03f933e0d8e@[128.113.24.47]> References: <20060316145826.M96629@atlantis.atlantis.dp.ua> <p06230912c03f933e0d8e@[128.113.24.47]>
next in thread | previous in thread | raw e-mail | index | archive | help
Hello! On Thu, 16 Mar 2006, Garance A Drosehn wrote: > But that's the problem, once you start down the road of > matching "everything which might be useful", you open up > a lot of questions as to which messages *are* interesting, > and how they should be displayed in the security-email > message. After all, *everything* in the authlog file is > expected to be interesting in one way or another. Do we > want to copy the entire file into the security email? I > doubt it... I understand current intent as "to report login failures", and I think that refused by the sshd connection attempts could be treated as such. OTOH, SSH.COM's sshd2 isn't the part of the base OS, that's why I'm not sure whether such an addition is "politically correct" (I'm sure it's useful though). Sincerely, Dmitry -- Atlantis ISP, System Administrator e-mail: dmitry@atlantis.dp.ua nic-hdl: LYNX-RIPE
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060317030230.G64324>