https://community.hpe.com/t5/operating-system-hp-ux/failed-root-login/m-p/2418152#M765802 Nick,<BR /><BR />Your best bet is probably to use /etc/securetty to restrict root logins to only <BR />the console. There is a man page on securetty if you need more info on that. <BR />Then users who need root access will be forced to su to the root account when <BR />logging in remotely. Each of these su attempts will be monitored and logged. <BR /> Wed, 09 Feb 2000 06:59:09 GMT Jason Luginbuhl_1 2000-02-09T06:59:09Z https://community.hpe.com/t5/operating-system-hp-ux/failed-root-login/m-p/2418150#M765800 I would like to configure a script likely, that will email me when someone has <BR />tried to logon as root and failed.<BR /><BR />Thanks,<BR /><BR />Nickd<BR /> <BR /><BR /> Mon, 07 Feb 2000 05:54:47 GMT https://community.hpe.com/t5/operating-system-hp-ux/failed-root-login/m-p/2418150#M765800 Nick D'angelo_3 2000-02-07T05:54:47Z https://community.hpe.com/t5/operating-system-hp-ux/failed-root-login/m-p/2418151#M765801 I would suggest creating the script to look at /var/adm/sulog checking for <BR />unsuccessful attempts and runs periodically from cron.<BR /><BR />Good Luck! Mon, 07 Feb 2000 07:57:28 GMT https://community.hpe.com/t5/operating-system-hp-ux/failed-root-login/m-p/2418151#M765801 Robert Gamble_3 2000-02-07T07:57:28Z https://community.hpe.com/t5/operating-system-hp-ux/failed-root-login/m-p/2418152#M765802 Nick,<BR /><BR />Your best bet is probably to use /etc/securetty to restrict root logins to only <BR />the console. There is a man page on securetty if you need more info on that. <BR />Then users who need root access will be forced to su to the root account when <BR />logging in remotely. Each of these su attempts will be monitored and logged. <BR /> Wed, 09 Feb 2000 06:59:09 GMT https://community.hpe.com/t5/operating-system-hp-ux/failed-root-login/m-p/2418152#M765802 Jason Luginbuhl_1 2000-02-09T06:59:09Z