Date: Mon, 10 Apr 2000 15:19:11 -0600 (MDT) From: "Victor Soto V." <vsoto@miquiztli.fisica.uson.mx> To: FreeBSD questions <freebsd-questions@FreeBSD.ORG> Subject: Log messages... Message-ID: <Pine.LNX.3.95.1000410145437.2727B-100000@miquiztli.fisica.uson.mx>
next in thread | raw e-mail | index | archive | help
Hi all! Recently I have seen these messages (among others) in /var/log/messages: messages:Apr 7 19:18:14 sarajuana rshd[187]: no modules loaded for `rshd' service messages:Apr 7 19:18:14 sarajuana rshd[187]: auth_pam: Permission denied messages:Apr 7 19:18:14 sarajuana rshd[187]: PAM authentication failed messages:Apr 8 13:40:47 sarajuana rshd[462]: no modules loaded for `rshd' service messages:Apr 8 13:40:47 sarajuana rshd[462]: auth_pam: Permission denied messages:Apr 8 13:40:47 sarajuana rshd[462]: PAM authentication failed messages:Apr 10 13:41:05 sarajuana rshd[10861]: no modules loaded for `rshd' service messages:Apr 10 13:41:05 sarajuana rshd[10861]: auth_pam: Permission denied messages:Apr 10 13:41:05 sarajuana rshd[10861]: PAM authentication failed messages:Apr 10 13:42:49 sarajuana rshd[10862]: no modules loaded for `rshd' service messages:Apr 10 13:42:49 sarajuana rshd[10862]: auth_pam: Permission denied messages:Apr 10 13:42:49 sarajuana rshd[10862]: PAM authentication failed This looks suspicious to me, I didn't know what rsh is until now (newbie). Is this dangerous?? I saw too that the file /var/log/security is empty, I would like to log there all the login failures, bad su's, the location of all the remote conections, etc. What does the line: security.* /var/log/security in /etc/syslog.conf does? Thanks. Victor. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.LNX.3.95.1000410145437.2727B-100000>