ftpd and sshd logging of domain names
Polytropon
freebsd at edvax.de
Sun Aug 24 21:44:16 UTC 2008
On Sun, 24 Aug 2008 16:32:56 -0500, Len Conrad <LConrad at Go2France.com> wrote:
> Are there are any flags or tricks to get these two daemons to log IP
> addresses of failed login attempts, rather than PTR hostnames?
>
> man ftpd
> man sshd
>
> ... show nothing, afaics.
At least for ftpd I think there is a solution:
1. Edit /etc/inetd.conf
ftp stream tcp nowait root /usr/libexec/ftpd ftpd -ll
ftp stream tcp6 nowait root /usr/libexec/ftpd ftpd -ll
The flags -ll enable extended logging.
2. Edit /etc/syslog.conf:
!ftpd
*.* /var/log/ftpd.log
3. Create the log file
# touch /var/log/ftpd.log
4. Optionally: Edit /etc/newsyslog.conf for preferred log
rotation.
The IPs are being logged in the log file. I'm sure SSH
allows something similar. If I remember correctly, this
has recently been discussed at this list, maybe the archive
brings up some helping informations for you.
--
Polytropon
>From Magdeburg, Germany
Happy FreeBSD user since 4.0
Andra moi ennepe, Mousa, ...
More information about the freebsd-questions
mailing list