- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- How to log all invalid login attempts
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-10-2007 04:27 AM
тАО10-10-2007 04:27 AM
How to log all invalid login attempts
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-10-2007 04:29 AM
тАО10-10-2007 04:29 AM
Re: How to log all invalid login attempts
Pete
Pete
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-10-2007 04:36 AM
тАО10-10-2007 04:36 AM
Re: How to log all invalid login attempts
T he lastb command gives me all the lsat logins of all users but can it also give me the users that were locked after 5 tries ?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-10-2007 04:58 AM
тАО10-10-2007 04:58 AM
Re: How to log all invalid login attempts
Pete
Pete
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-10-2007 05:14 AM
тАО10-10-2007 05:14 AM
Re: How to log all invalid login attempts
Without a script or trusted system you are not going to get a record of locked out users.
I'll assume your system is trusted, because if you'd written a lastb script you would be able to change it to log the users that get locked out.
You can enhance system logging with the inetd -l to get additional information about bad logins in syslog.
passwd -sa will show you the status of users and may show locked or expired users. If your system is trusted take a look at it.
SEP
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-10-2007 05:26 AM
тАО10-10-2007 05:26 AM
Re: How to log all invalid login attempts
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-10-2007 08:16 AM
тАО10-10-2007 08:16 AM
Re: How to log all invalid login attempts
using telnet and rlogin probably is. But, are you running X, or have other hardwired access (terminal or modem)?
how about ftp, ssh, or remote access via SAM?
what about things like snmp, uucp, cron/at?
maybe not cronjobs, but what about jobs done via scheduler such as autosys or other 3rd party tools such as connect direct?
how about via management tools such as tivoli, unicenter, openview, etc.
what about your backup software?
and it also depends on what your using to do your logging. most unix command do their logging via syslog. but you need to configre them to send the information to the syslog and syslog needs to be configure as to which information it is going to log.
so, you need to define what is a login, check to see how those utilities are configured to do logging, and then check the logging facility to see if it configured log those events.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО01-08-2008 07:28 AM
тАО01-08-2008 07:28 AM
Re: How to log all invalid login attempts
YOu can configured *.auth in syslog.conf for system's acces and then look for in the file auth.log the acces denied.
For ftp access you can activate xferlog in the same syslog.conf
best regards
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО01-08-2008 11:08 AM
тАО01-08-2008 11:08 AM
Re: How to log all invalid login attempts
Thanks eveyone