SUMMARY:login

From: Mr Rene Occelli (rene@iusti.univ-mrs.fr)
Date: Mon Oct 07 1996 - 10:06:10 CDT


Hi,

Question:
> I'm running 4.1.3
> I've problems with non desirable logins.
> My question
> a) How can I modify the login shell to control logging
> ( example: 3 max retry)
> b) How can I redirect messages on successive logging failure into a file
> and not onto the console
> c) How can I disable logging for a specific hosts

Thanks to:
Erin Copeland <erin@sam.math.ethz.ch>
edd@amnic.net (Edgar Der-Danieliantz @ Armenia NIC)
james mularadelis <jamesm@matrix.newpaltz.edu>
Tomasz Papszun <papszun@lodz.pdi.net>
Phil Burg <phil@bofh.anu.edu.au>

I) The consensus is to use the tcp_wrappers and logdaemon programs by
        Wietse Venema (wietse@wzv.win.tue.nl)

It can be found at: ftp.win.tue.nl:/pub/security/
logdaemon-5.0.tar.gz
tcp_wrappers_7.4.tar.gz

--logdaemon has programs that replace telnetd, rlogind, ftpd, and supports
skey. It lets you do a lot of creative logging, disabling logins, etc.
(access restrictions controlled by file /etc/login.access)
( users whose names appear in an /etc/ftpusers file are ftp disabled )

--tcp_wrappers "wrap" tcp daemons and block access to them according
to a configuration you define. You can create /etc/hosts.deny and
/etc/hosts.allow files which can set up restrictions on the access
to the daemons.
Installing in "easy" mode is easy. tcp_wrappers is well
documented.

II) Special topics

--- james mularadelis <jamesm@matrix.newpaltz.edu> uses the tcsh shell.
On login the .cshrc and .login files which reside in /etc are run first
( before the users' ) and can be used to restrict access.

---On Solaris (but not on SunOS) a loginlog file can exist ( loginlog(4) )
(/var/adm/loginlog) (you have to create it) in which a record of failed
logins is written after 5 unsuccessful login attempts.

---To redirect messages on successive logging failure into a file
and not onto the console, you have to modify the /etc/syslog.conf file

auth.* /name/of/file/you/want/logged/to

Bye
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+ Rene OCCELLI +
+ I.U.S.T.I. C.N.R.S. U.M.R. 139 +
+ Av. Esc. Normandie Niemen +
+ 13397 MARSEILLE Cedex 20 France +
+ Tel: (33)91 28 82 08 +
+ Fax: (33)91 28 82 25 +
+ Email: rene@iusti.univ-mrs.fr +
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
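
The order in which tcp_wrappers consults /etc/hosts.allow and /etc/hosts.deny, as an added example that is not part of the original post and not Wietse Venema's code: a simplified Python model of the hosts_access(5) matching rules. The daemon names, host names, addresses and both file contents are constructed samples.

```python
# Added example: simplified model of the hosts_access(5) decision order.
# Only ALL, LOCAL, ".domain", "net." and exact names; no EXCEPT, masks, user@host.

HOSTS_ALLOW = """\
# constructed sample /etc/hosts.allow
in.telnetd, in.rlogind: LOCAL, .lab.example.com
in.ftpd: 192.0.2.
"""
HOSTS_DENY = """\
# constructed sample /etc/hosts.deny
ALL: ALL
"""

def parse(text):
    """Return [(daemon_list, client_list)] from 'daemons : clients' lines."""
    rules = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        daemons, clients = line.split(":")[:2]
        rules.append((daemons.replace(",", " ").split(),
                      clients.replace(",", " ").split()))
    return rules

def pattern_matches(pattern, name, addr):
    pattern, name = pattern.lower(), name.lower()   # checks are case insensitive
    if pattern == "all":
        return True
    if pattern == "local":               # host name without a dot
        return bool(name) and "." not in name
    if pattern.startswith("."):          # domain suffix of the host name
        return name.endswith(pattern)
    if pattern.endswith("."):            # leading numeric fields of the address
        return addr.startswith(pattern)
    return pattern in (name, addr)

def listed(rules, daemon, name, addr):
    return any(
        any(d in ("ALL", daemon) for d in daemons)
        and any(pattern_matches(c, name, addr) for c in clients)
        for daemons, clients in rules)

def access_granted(daemon, name, addr, allow=HOSTS_ALLOW, deny=HOSTS_DENY):
    if listed(parse(allow), daemon, name, addr):
        return True                      # hosts.allow is consulted first
    if listed(parse(deny), daemon, name, addr):
        return False                     # then hosts.deny
    return True                          # no match in either file: granted
```

With an empty hosts.deny the same outside client is granted, which is why the sample hosts.deny ends with ALL: ALL.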


