cancel
Showing results for 
Search instead for 
Did you mean: 

VNC login failures

Maaz
Valued Contributor

VNC login failures

How do I know unsuccessful login attempts on a VNC server
e.g I want to know from which IP(vnc client) a bad login was attempted etc

the only information I got from /var/log/messages

Jan 22 17:13:38 vncserver gdm[4908]: Couldn't authenticate user

please help
4 REPLIES
Steven E. Protter
Exalted Contributor

Re: VNC login failures

Shalom

grep vncserver | grep Couldn't authenticate user" | wc -l

That will get you a count.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
Steven E. Protter
Exalted Contributor

Re: VNC login failures

Mistake:

cat /var/log/messages | grep vncserver | grep Couldn't authenticate user" | wc -l
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
Rick Beldin
Esteemed Contributor

Re: VNC login failures

I think you will have to enable gdm debugging by editing the gdm.conf file and looking for the section:

[debug]
Enable=false

Change it to 'Enable=true'.

You'll get far more than you want, but you will get the ip address of every gdm instance.
Matching them up might be a problem, especially if you have many vnc sessions.
Necessary questions: Why? What? How? When?
Maaz
Valued Contributor

Re: VNC login failures

Hi thanks Dear Steven E. Protter and
Rick Beldin for help


on VNC server
in /etc/opt/gnome/gdm/gdm.conf
[debug]
Enable=true

# /etc/init.d/xdm stop
# /etc/init.d/xdm start
# /etc/init.d/xinetd stop
# /etc/init.d/xinetd start

then from vnc client I login on the vnc server

then on vnc server
# cat /var/log/messages | grep "vnc*"
Jan 25 17:59:46 gateway xinetd[6044]: Reading included configuration file: /etc/xinetd.d/vnc [file=/etc/xinetd.d/vnc] [line=15]
Jan 25 17:59:46 gateway xinetd[6044]: removing vnc2
Jan 25 17:59:46 gateway xinetd[6044]: removing vnc3
Jan 25 17:59:46 gateway xinetd[6044]: removing vnchttpd2
Jan 25 17:59:46 gateway xinetd[6044]: removing vnchttpd3
Jan 25 18:00:20 gateway xinetd[6142]: Reading included configuration file: /etc/xinetd.d/vnc [file=/etc/xinetd.d/vnc] [line=15]
Jan 25 18:00:20 gateway xinetd[6142]: removing vnc2
Jan 25 18:00:20 gateway xinetd[6142]: removing vnc3
Jan 25 18:00:20 gateway xinetd[6142]: removing vnchttpd2
Jan 25 18:00:20 gateway xinetd[6142]: removing vnchttpd3


# cat /etc/xinetd.d/vnc

# default: off
# description: This serves out a VNC connection which starts at a KDM login \
# prompt. This VNC connection has a resolution of 1024x768, 16bit depth.
service vnc1
{
socket_type = stream
protocol = tcp
wait = no
user = nobody
server = /usr/X11R6/bin/Xvnc
server_args = :42 -inetd -once -query localhost -geometry 1024x768 -depth 16
type = UNLISTED
port = 5901
}
# default: off
# description: This serves out a VNC connection which starts at a KDM login \
# prompt. This VNC connection has a resolution of 1280x1024, 16bit depth.
service vnc2
{
type = UNLISTED
port = 5902
socket_type = stream
protocol = tcp
wait = no
user = nobody
server = /usr/X11R6/bin/Xvnc
server_args = :42 -inetd -once -query localhost -geometry 1280x1024 -depth 16
disable = yes
}
# default: off
# description: This serves out a VNC connection which starts at a KDM login \
# prompt. This VNC connection has a resolution of 1600x1200, 16bit depth.
service vnc3
{
type = UNLISTED
port = 5903
socket_type = stream
protocol = tcp
wait = no
user = nobody
server = /usr/X11R6/bin/Xvnc
server_args = :42 -inetd -once -query localhost -geometry 1600x1200 -depth 16
disable = yes
}
# default: off
# description: This serves out the vncviewer Java applet for the VNC \
# server running on port 5901, (vnc port 1).
service vnchttpd1
{
socket_type = stream
protocol = tcp
wait = no
user = nobody
server = /usr/X11R6/bin/vnc_inetd_httpd
server_args = 1024 768 5901
type = UNLISTED
port = 5801
}
# default: off
# description: This serves out the vncviewer Java applet for the VNC \
# server running on port 5902, (vnc port 2).
service vnchttpd2
{
type = UNLISTED
port = 5802
socket_type = stream
protocol = tcp
wait = no
user = nobody
server = /usr/X11R6/bin/vnc_inetd_httpd
server_args = 1280 1024 5902
disable = yes
}
# default: off
# description: This serves out the vncviewer Java applet for the VNC \
# server running on port 5902, (vnc port 3).
service vnchttpd3
{
type = UNLISTED
port = 5803
socket_type = stream
protocol = tcp
wait = no
user = nobody
server = /usr/X11R6/bin/vnc_inetd_httpd
server_args = 1600 1200 5903
disable = yes
}