Periodic security
Ryan Sommers
ryans at gamersimpact.com
Tue Aug 31 12:43:31 PDT 2004
Slight modification to the loginfail script for periodics. This will catch
sshd, proftpd and su errors, as well as other programs, better.
--- 800.loginfail Mon Aug 30 21:50:50 2004
+++ 800.loginfail Mon Aug 30 21:51:53 2004
@@ -59,7 +59,7 @@
[Yy][Ee][Ss])
echo ""
echo "${host} login failures:"
- n=$(catmsgs | grep -ia "^$yesterday.*fail" |
+ n=$(catmsgs | egrep -ia "^$yesterday.*(fail|invalid|bad|illegal)" |
tee /dev/stderr | wc -l)
[ $n -gt 0 ] && rc=1 || rc=0;;
*) rc=0;;
--
Ryan "leadZERO" Sommers
Gamer's Impact President
ryans at gamersimpact.com
ICQ: 1019590
AIM/MSN: leadZERO
-= http://www.gamersimpact.com =-
More information about the freebsd-current
mailing list