Date: 09 Mar 2001 09:22:31 -0500 From: Lowell Gilbert <lowell@world.std.com> To: freebsd-questions@freebsd.org, jason@jason-n3xt.org Subject: Re: Logging log-ins/Security Question Message-ID: <44hf13xbrs.fsf@lowellg.ne.mediaone.net> In-Reply-To: jason@jason-n3xt.org's message of "8 Mar 2001 07:07:51 %2B0100" References: <ICEEIHNIIMPDELNLPAGPOEHLCAAA.jason@jason-n3xt.org>
next in thread | previous in thread | raw e-mail | index | archive | help
jason@jason-n3xt.org (Jason Halbert) writes: > I noticed in the daily run report (I'm assuming that's generated by a > cron job) it lists login failures. Is there a way to modify it so > that it reports all logins, successful and failed; and perhaps even > ftp logins as well? The proper setting for syslog's auth facility should do this. See the manual for syslog.conf(5). The daily run report is generated by periodic(8), which is indeed invoked by cron. > And a security question... > I have noticed since I started running apache and a IRC server and > somewhat a shell provider that I am getting more and more people > trying to login via telnet and trying random crap to login. Is this > normal? That may seem a stupid question, but I'm wondering about this > from POV of anyone really being able to get in. Yes, it's normal; the more people who know you have a server machine on the Internet, the more people will poke at it. Not all of them are badly intentioned, although some are. Make sure your defenses are up. Start with http://www.freebsd.org/security/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?44hf13xbrs.fsf>