Peter wrote:
> My question is simply; Does the 'User Report' report on which passwords
> were used to gain access? If it does, then Analog is the thing for us.
The user report reports on the users that accessed the site. It will only
work if the logs contain a user name. If there is a password for the
username, then those passwords are not generally logged (security) and
therefore are not reported on.
Using the user report your could look for which user's account access peaked
and shut it down.
> I am curious too (and the question may reveal the true extent of my
> ignorance), does the 'Failed User Report' report on attempts to use
> passwords that were not recognized? Meaning, can I use that report to
> identify the IP addresses of hackers trying to crack a password?
There is no correlation between these, especially, as users of your site are
likely to come from ISP's where they have dynamically allocated IP numbers or
through proxy servers, so you wouldn't even know the originating system.
The Failed User report shows lists of usernames that tried to access the
system but failed (for whatever reason). If there is consistent and continous
patterns that you detect on specific accounts, you can probably make
assumptions about crack attempt on those usernames.
> Unfortunately I cannot simply download a copy of Analog and try it out
> to see if it does these things, as I do not run the server myself. We
> co-host with a company a few thousand miles away.
If you are already downloading the logs, you can download Analog to your
local computer and run it on your desktop. Binaries of Analog are available
for most popular operating systems and the source compiles easily.
Jeremy Wadsack
Wadsack-Allen Digital Group
------------------------------------------------------------------------
This is the analog-help mailing list. To unsubscribe from this
mailing list, send mail to [EMAIL PROTECTED]
with "unsubscribe" in the main BODY OF THE MESSAGE.
List archived at http://www.mail-archive.com/[email protected]/
------------------------------------------------------------------------
