- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- Re: Athorication faild massages
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-11-2010 11:53 PM
тАО03-11-2010 11:53 PM
Athorication faild massages
My 168.2 root account is getting locked regularly.
When iam going through syslog of 168.2 i am getting messages authorication for root from 168.1 failed.
Can any suggest how can find which application or process contacting 168.2 in 168.1
and is there any way find list of login request from 168.1 to other server.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-12-2010 12:16 AM
тАО03-12-2010 12:16 AM
Re: Athorication faild massages
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-12-2010 12:36 AM
тАО03-12-2010 12:36 AM
Re: Athorication faild massages
follow the advice from Dennis, and also you could check the connections with the Network Admins.
mikap
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-12-2010 01:06 AM
тАО03-12-2010 01:06 AM
Re: Athorication faild massages
Thanks for reply
Here i want to know all login request from 168.1 to other servers.
I want to know which process in 168.1 exactly send this login request.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-12-2010 01:25 AM
тАО03-12-2010 01:25 AM
Re: Athorication faild massages
>>I want to know which process in 168.1 exactly send this login request.<<<
It pretty difficult for all of us to find / what you are looking for , ..? Hence you must be familiar with your server or application set up or some documentation to start digging the problem ..? otherwise we'll be shooting in the dark room .. ;(
check crontab entries ..?
any ftp jobs jobs, I could understand if you have any "password" hard-coded script execution could cause your root account getting locked regularly, either you remove un-sucessfull login counts to "0" for the root account.
have you followed advice from >>Dennis post ..?
# last -R
you can also check under the below file
# cat /var/adm/syslog/syslog.log
# netstat -an |grep -i 168.2.168.1
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-12-2010 01:40 AM
тАО03-12-2010 01:40 AM
Re: Athorication faild massages
I guess you already know which machine is attacking yours?
You may have to turn on auditing to find who is sending bogus passwords to your machine.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-23-2010 07:20 PM
тАО03-23-2010 07:20 PM