su (geeta@cdfd.org.in)

From: Asiye Yigit (Asiye.Yigit_at_gantek.com)
Date: 07/07/04

  • Next message: Figaro, Nicolas: "Antivirus for smtp solaris"
    Date: Wed, 07 Jul 2004 09:14:04 +0300
    To: geeta@cdfg.org.in
    
    

    Hi,

    You can record failed login attempts can be recorded in the file
    /var/adm/loginlog. By default, the loginlog file does not exist.
    To enable logging, you must create this file with read and write permissions
    for root only.

    #touch /var/adm/loginlog

    All failed login activity is written to this file automatically after five
    failed attempts. However, If there are fewer than five failed attempts,
    no activity is logged to this file.

    Use the last command to display a record of all logins and logouts
    with the most recet activity at the top of the output. It looks in the
    /var/adm/wtmpx file, which records all logins and logouts.

    For security reasons, you must monitor who has been using the su command,
    especially those user's who are trying to gain root access on the
    system. You can set
    thisusing the /etc/default/su file.

    The SULOG variable specifies the name of the file in which all su
    attempts to
    switch to another user are logged. If undefined, su logging is turned off.

    The entries in this file include the date and time the command was
    issued, whether
    it was successful (shown by the + symbol for success or the - symbol for
    failure), the device
    from which the command was issued, and finally the name of the user and
    the switched identity.

    Best regards,

    Asiye Yigit
    _______________________________________________
    sunmanagers mailing list
    sunmanagers@sunmanagers.org
    http://www.sunmanagers.org/mailman/listinfo/sunmanagers


  • Next message: Figaro, Nicolas: "Antivirus for smtp solaris"