Date: Tue, 29 May 2007 10:25:00 +0200 From: "Aitor San Juan" <asanjuan@bolsabilbao.es> To: <freebsd-questions@freebsd.org> Subject: login failures Message-ID: <A7982BC6B322014A844727E6D0AC643FE1CA@BB06.bolsabilbao.local> In-Reply-To: <20070529170113.4142ae21@localhost>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi List, Our FreeBSD system has been recently reporting login failures, such as: May 23 16:44:23 lpool login: 2 LOGIN FAILURES FROM host_name_1 May 23 16:44:23 lpool login: 2 LOGIN FAILURES FROM host_name_1, logon_user_used_1 May 26 15:07:27 lpool login: 1 LOGIN FAILURE ON ttyv1 May 26 15:07:27 lpool login: 1 LOGIN FAILURE ON ttyv1, root May 26 15:07:34 lpool login: 1 LOGIN FAILURE ON ttyv1 May 26 15:07:34 lpool login: 1 LOGIN FAILURE ON ttyv1, logon_name_used_2 May 26 15:21:50 lpool login: 1 LOGIN FAILURE ON ttyv0 May 26 15:21:50 lpool login: 1 LOGIN FAILURE ON ttyv0, ^[[B^[[A^[[A^[[A^[[A^[[A^[[A^[[A^[[A^[[A^[[A^[[A^[[A^[[A^[[A^[[A^[[ I wonder where in the system, in more detail, this is registered. Can I assure that those TTYs refer to logon attemps from the physical console? Is there anyway to track down more information. In addition to this, how could we enable system activity logging? Any hint would be highly appreciated. Please, point me to any good documentation on FreeBSD security (concepts and planning guide). Thanks in advance. Aitor. ************ LEGEZKO OHARRA / AVISO LEGAL / LEGAL ADVICE ************* Mezu honek isilpeko informazioa gorde dezake, edo jabea duena, edota legez babestuta dagoena. Zuri zuzendua ez bada, bidali duenari esan eta ezabatu, inori berbidali edo gorde gabe, legeak debekatzen duelako mezuak erabiltzea baimenik gabe. -------------------------------------------------------------------------- Este mensaje puede contener información confidencial, en propiedad o legalmente protegida. Si usted no es el destinatario, le rogamos lo comunique al remitente y proceda a borrarlo, sin reenviarlo ni conservarlo, ya que su uso no autorizado está prohibido legalmente. -------------------------------------------------------------------------- This message may contain confidential, proprietary or legally privileged information. If you are not the intended recipient of this message, please notify it to the sender and delete without resending or backing it, as it is legally prohibited. **************************************************************************
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?A7982BC6B322014A844727E6D0AC643FE1CA>