__/ [graham] on Sunday 15 January 2006 09:00 \__
> On Sat, 14 Jan 2006 08:40:06 +0000, graham wrote:
>
>> On Sat, 14 Jan 2006 06:34:43 +0000, Hossain wrote:
>>
>>
>>> Thanks Roy, actually I used "last" but as you mentioned, it only lists
>>> successful logins, list of unsuccessful login attempts would give an
>>> idea how frequently there is a hacking attempt.
>>>
>>> thanks
>> /var/log/btmp
>> lastb will show these provided /var/log/btmp exists.
>> On my system it does not exist but there must be a way to enable that log.
>
> I suppose the file will not exist if there is nothing to log.
I do not have this file either, even though I have had some failed logins.
I have not found any way to enable it, having taken a quick glimpse.
Your observation roused my curiosity. I know there are many penetration
attempts in the Computer Science School. These brute-force attempts proba-
bly aim to accumulate malicious zombies (why bother... with the poor Win32
API's) and can easily exploit the unbelievably bad password choices of
some attendants. One cracked account can put several large clusters in
jeopardy. No wonder they decided to shut everything down from Christmas u-
tnil February. I am among the sufferers from that decision.
Roy
|
|