From owner-FreeBSD-users-jp@jp.freebsd.org  Tue Aug 24 23:02:41 1999
Received: (from daemon@localhost)
	by castle.jp.freebsd.org (8.9.3+3.2W/8.7.3) id XAA74500;
	Tue, 24 Aug 1999 23:02:41 +0900 (JST)
	(envelope-from owner-FreeBSD-users-jp@jp.FreeBSD.org)
Received: from light.imasy.or.jp (root@light.imasy.or.jp [202.227.24.4])
	by castle.jp.freebsd.org (8.9.3+3.2W/8.7.3) with ESMTP id XAA74483
	for <FreeBSD-users-jp@jp.FreeBSD.org>; Tue, 24 Aug 1999 23:02:40 +0900 (JST)
	(envelope-from mistral@imasy.or.jp)
Received: from tasogare.imasy.or.jp (mistral@tasogare.imasy.or.jp [202.227.24.5])
	by light.imasy.or.jp (8.9.3+3.2W/3.7W-light) with ESMTP id XAA11345
	for <FreeBSD-users-jp@jp.FreeBSD.org>; Tue, 24 Aug 1999 23:02:35 +0900 (JST)
	(envelope-from mistral@imasy.or.jp)
Received: from mistral.wind.prv (isdnb33.imasy.or.jp [202.227.24.161])
	by tasogare.imasy.or.jp (8.9.3+3.2W/3.7W-tasogare/smtpfeed 1.01) with ESMTP id XAA06011
	for <FreeBSD-users-jp@jp.FreeBSD.org>; Tue, 24 Aug 1999 23:02:33 +0900 (JST)
	(envelope-from mistral@imasy.or.jp)
Message-Id: <199908241402.XAA06011@tasogare.imasy.or.jp>
Received: (from yohta@localhost)
	by mistral.wind.prv (8.9.3/3.7Wpl2-990626) id XAA11780;
	Tue, 24 Aug 1999 23:01:12 +0900 (JST)
Date: Tue, 24 Aug 1999 23:01:12 +0900 (JST)
From: mistral@imasy.or.jp (Yoshihiko -OHTA- SARUMARU)
To: FreeBSD-users-jp@jp.FreeBSD.org
X-Mailer: mnews [version 1.21PL5] 1999-04/04(Sun)
Reply-To: FreeBSD-users-jp@jp.freebsd.org
Precedence: list
X-Distribute: distribute version 2.1 (Alpha) patchlevel 24e+990727
X-Sequence: FreeBSD-users-jp 45128
Subject: [FreeBSD-users-jp 45128] security check report: login failures
Errors-To: owner-FreeBSD-users-jp@jp.freebsd.org
Sender: owner-FreeBSD-users-jp@jp.freebsd.org
X-Originator: mistral@imasy.or.jp

$B!!1n4]$G$9!#$3$s$K$A$O!#(B

  cron $B$rF0$+$7$F$$$k$H!"KhF|(B 2:00 $B$K(B /etc/security $B$,<B9T$5$l$F!"(B
grep -i "login failure" $LOG/messages
$B$H$$$&$N$,<B9T$5$l!"(B/var/log/messages $B$K(B
	Jul 26 10:48:19 myhost login: 4 LOGIN FAILURES FROM some.host
$B$N$h$&$J9T$,5-O?$5$l$F$$$k$H%a!<%k$GAw$i$l$F$/$k$N$G$9$,!"$"$?$j(B
$B$^$($G$9$,!"(Bnewsyslog $B$K$h$C$F(B messages $B$,(B rotate $B$5$l$k$^$G!"1d!9(B
$B$H7+$jJV$7KhF|KhF|I=<($5$l$F$7$^$$$^$9!#(B

  $B%G%U%)%k%H$G$O(B /var/log/messages $B$,(B100 KB $B$K$J$k$^$G(B rotate $B$5(B
$B$l$J$$$N$G!"$=$l$[$I;H$o$l$F$$$J$$%[%9%H$G$O!"?t%v7nA0$N(B login
failure $B$,$:$C$HI=<($5$lB3$1$F$7$^$$$^$9!#(B

  $B$3$l$G$O$&$C$H$&$7$$$7!"K|0l(B login failure $B$,5/$-$F$b5$$E$-$K(B
$B$/$/$J$C$F$7$^$&$N$G!"0lEY(B login failure $B$,=P$F$b!"<!$NF|$+$i$O(B
$BI=<($5$l$J$$$h$&$K$7$?$$$N$G$9$,!"$_$J$5$s$O$I$N$h$&$KBP=h$5$l$F(B
$B$$$k$N$G$7$g$&$+!#$d$C$Q$j(B /etc/newsyslog.conf $B$G(B interval $B$r(B 24 
$B$K$7$F!"KhF|(B rotate $B$5$l$k$h$&$K$7$F$$$k$N$G$7$g$&$+!#$G$b$=$&$9(B
$B$k$HF1$84|4VJ,$N%m%0$r;D$9$K$7$F$b!"%U%!%$%k$N?t$,$H$F$b$?$/$5$s(B
$B$K$J$C$F$7$^$$$^$9$h$M!#(B

  $B2?$+$$$$@_Dj$"$k$$$O1?MQ$O$J$$$G$7$g$&$+!#(B  
--
$B1n4](B($B5l@+(B: $BB@ED(B)$BK'I'(B (Yoshihiko SARUMARU)
E-mail: mistral@imasy.or.jp	URL: http://www.imasy.or.jp/~mistral/
1$BF|FI$_B;$M$?$@$1$G!"A4A35$$E$+$J$/$J$k!"$H$$$&$N$bLdBj$G$9$7!D!D!#(B
