From: Asiye Yigit (Asiye.Yigit@gantek.com)
Date: Wed Jul 07 2004 - 02:14:04 EDT
Hi,
You can record failed login attempts can be recorded in the file
/var/adm/loginlog. By default, the loginlog file does not exist.
To enable logging, you must create this file with read and write permissions
for root only.
#touch /var/adm/loginlog
All failed login activity is written to this file automatically after five
failed attempts. However, If there are fewer than five failed attempts,
no activity is logged to this file.
Use the last command to display a record of all logins and logouts
with the most recet activity at the top of the output. It looks in the
/var/adm/wtmpx file, which records all logins and logouts.
For security reasons, you must monitor who has been using the su command,
especially those user's who are trying to gain root access on the
system. You can set
thisusing the /etc/default/su file.
The SULOG variable specifies the name of the file in which all su
attempts to
switch to another user are logged. If undefined, su logging is turned off.
The entries in this file include the date and time the command was
issued, whether
it was successful (shown by the + symbol for success or the - symbol for
failure), the device
from which the command was issued, and finally the name of the user and
the switched identity.
Best regards,
Asiye Yigit
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers
This archive was generated by hypermail 2.1.7 : Wed Apr 09 2008 - 23:29:01 EDT