Date: Tue, 29 May 2007 10:25:00 +0200 From: "Aitor San Juan" <asanjuan@bolsabilbao.es> To: <freebsd-questions@freebsd.org> Subject: login failures Message-ID: <A7982BC6B322014A844727E6D0AC643FE1CA@BB06.bolsabilbao.local> In-Reply-To: <20070529170113.4142ae21@localhost>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi List, Our FreeBSD system has been recently reporting login failures, such as: May 23 16:44:23 lpool login: 2 LOGIN FAILURES FROM host_name_1 May 23 16:44:23 lpool login: 2 LOGIN FAILURES FROM host_name_1, = logon_user_used_1 May 26 15:07:27 lpool login: 1 LOGIN FAILURE ON ttyv1 May 26 15:07:27 lpool login: 1 LOGIN FAILURE ON ttyv1, root May 26 15:07:34 lpool login: 1 LOGIN FAILURE ON ttyv1 May 26 15:07:34 lpool login: 1 LOGIN FAILURE ON ttyv1, logon_name_used_2 May 26 15:21:50 lpool login: 1 LOGIN FAILURE ON ttyv0 May 26 15:21:50 lpool login: 1 LOGIN FAILURE ON ttyv0, = ^[[B^[[A^[[A^[[A^[[A^[[A^[[A^[[A^[[A^[[A^[[A^[[A^[[A^[[A^[[A^[[A^[[ I wonder where in the system, in more detail, this is registered. Can I = assure that those TTYs refer to logon attemps from the physical console? Is = there anyway to track down more information. In addition to this, how could we = enable system activity logging? Any hint would be highly appreciated. Please, point me to any good = documentation on FreeBSD security (concepts and planning guide). Thanks in advance. Aitor. ************ LEGEZKO OHARRA / AVISO LEGAL / LEGAL ADVICE *************=20 Mezu honek isilpeko informazioa gorde dezake, edo jabea duena, edota = legez babestuta dagoena. Zuri zuzendua ez bada, bidali duenari esan eta = ezabatu, inori berbidali edo gorde gabe, legeak debekatzen duelako = mezuak erabiltzea baimenik gabe.=20 -------------------------------------------------------------------------= - Este mensaje puede contener informaci=F3n confidencial, en propiedad o = legalmente protegida. Si usted no es el destinatario, le rogamos lo = comunique al remitente y proceda a borrarlo, sin reenviarlo ni = conservarlo, ya que su uso no autorizado est=E1 prohibido legalmente. -------------------------------------------------------------------------= - This message may contain confidential, proprietary or legally privileged = information. If you are not the intended recipient of this message, = please notify it to the sender and delete without resending or backing = it, as it is legally prohibited. *************************************************************************= *
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?A7982BC6B322014A844727E6D0AC643FE1CA>