conf/70973
Ceri Davies
ceri at submonkey.net
Wed Sep 1 02:20:25 PDT 2004
The following reply was made to PR conf/70973; it has been noted by GNATS.
From: Ceri Davies <ceri at submonkey.net>
To: FreeBSD Gnats Submit <freebsd-gnats-submit at FreeBSD.org>
Cc:
Subject: Re: conf/70973
Date: Wed, 1 Sep 2004 10:11:15 +0100
--oXNgvKVxGWJ0RPMJ
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Adding to audit trail.
--oXNgvKVxGWJ0RPMJ
Content-Type: message/rfc822
Content-Disposition: inline
Return-path: <owner-freebsd-current at freebsd.org>
Envelope-to: ceri at submonkey.net
Delivery-date: Tue, 31 Aug 2004 20:44:15 +0100
Received: from mx2.freebsd.org ([216.136.204.119])
by shrike.submonkey.net with esmtp (Exim 4.42 (FreeBSD))
id 1C2EY2-000OR0-VT
for ceri at submonkey.net; Tue, 31 Aug 2004 20:44:15 +0100
Received: from hub.freebsd.org (hub.freebsd.org [216.136.204.18])
by mx2.freebsd.org (Postfix) with ESMTP
id A35ED56806; Tue, 31 Aug 2004 19:43:53 +0000 (GMT)
(envelope-from owner-freebsd-current at freebsd.org)
Received: from hub.freebsd.org (localhost [127.0.0.1])
by hub.freebsd.org (Postfix) with ESMTP
id 5013316A505; Tue, 31 Aug 2004 19:43:49 +0000 (GMT)
Delivered-To: freebsd-current at freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
by hub.freebsd.org (Postfix) with ESMTP id 1FAC116A4CE
for <current at freebsd.org>; Tue, 31 Aug 2004 19:43:31 +0000 (GMT)
Received: from mailserv1.neuroflux.com (mailserv1.neuroflux.com
[204.228.228.92])
by mx1.FreeBSD.org (Postfix) with ESMTP id C5ED743D48
for <current at freebsd.org>; Tue, 31 Aug 2004 19:43:30 +0000 (GMT)
(envelope-from ryans at gamersimpact.com)
Received: (qmail 41930 invoked by uid 89); 31 Aug 2004 19:49:21 -0000
Received: from unknown (HELO www2.neuroflux.com) (127.0.0.1)
by localhost with SMTP; 31 Aug 2004 19:49:21 -0000
Received: from 208.4.77.15
(SquirrelMail authenticated user ryans at gamersimpact.com)
by www2.neuroflux.com with HTTP;
Tue, 31 Aug 2004 13:49:21 -0600 (MDT)
Message-ID: <50241.208.4.77.15.1093981761.squirrel at www2.neuroflux.com>
Date: Tue, 31 Aug 2004 13:49:21 -0600 (MDT)
From: "Ryan Sommers" <ryans at gamersimpact.com>
To: current at freebsd.org
User-Agent: SquirrelMail/1.4.2
MIME-Version: 1.0
Content-Type: text/plain;charset=iso-8859-1
Content-Transfer-Encoding: 8bit
X-Priority: 3
Importance: Normal
Subject: Periodic security
X-BeenThere: freebsd-current at freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Discussions about the use of FreeBSD-current
<freebsd-current.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
<mailto:freebsd-current-request at freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-current>
List-Post: <mailto:freebsd-current at freebsd.org>
List-Help: <mailto:freebsd-current-request at freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
<mailto:freebsd-current-request at freebsd.org?subject=subscribe>
Sender: owner-freebsd-current at freebsd.org
Errors-To: owner-freebsd-current at freebsd.org
X-Spam-Level:
X-Spam-Checker-Version: SpamAssassin 2.64 (2004-01-11) on
shrike.private.submonkey.net
X-Spam-Status: No, hits=-3.7 required=5.0 tests=AWL,BAYES_00,PRIORITY_NO_NAME
autolearn=no version=2.64
Slight modification to the loginfail script for periodics. This will catch
sshd, proftpd and su errors, as well as other programs, better.
--- 800.loginfail Mon Aug 30 21:50:50 2004
+++ 800.loginfail Mon Aug 30 21:51:53 2004
@@ -59,7 +59,7 @@
[Yy][Ee][Ss])
echo ""
echo "${host} login failures:"
- n=$(catmsgs | grep -ia "^$yesterday.*fail" |
+ n=$(catmsgs | egrep -ia "^$yesterday.*(fail|invalid|bad|illegal)" |
tee /dev/stderr | wc -l)
[ $n -gt 0 ] && rc=1 || rc=0;;
*) rc=0;;
--
Ryan "leadZERO" Sommers
Gamer's Impact President
ryans at gamersimpact.com
ICQ: 1019590
AIM/MSN: leadZERO
-= http://www.gamersimpact.com =-
_______________________________________________
freebsd-current at freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscribe at freebsd.org"
--oXNgvKVxGWJ0RPMJ--
More information about the freebsd-bugs
mailing list