On Oct 19, 2011, at 5:35 PM, Maurice de Laat wrote: > > Hi list, > > On a 5107R, is it correct that the Login Manager, which records which > hosts has failed login attempts, doesn't log failed logins that use a > username that doesn't exist on the system? > > I have numerous failed logins from one host, with usernames that doesn't > exists on the system. These attemps can be found in the secure logfile. > However, these failed logins don't seem to be catched by the login > manager. > > Is this working as designed? Even these attempts to login can be seen as a > brute force attack imho. > > Thanks
It is my understanding that these would be caught by the host rule. The GUI doesn't recommend using the user rule, as I recall. Jeff _______________________________________________ Blueonyx mailing list Blueonyx@mail.blueonyx.it http://mail.blueonyx.it/mailman/listinfo/blueonyx