On Sun, 24 Aug 2008 16:32:56 -0500, Len Conrad <[EMAIL PROTECTED]> wrote: > Are there are any flags or tricks to get these two daemons to log IP > addresses of failed login attempts, rather than PTR hostnames? > > man ftpd > man sshd > > ... show nothing, afaics.
At least for ftpd I think there is a solution: 1. Edit /etc/inetd.conf ftp stream tcp nowait root /usr/libexec/ftpd ftpd -ll ftp stream tcp6 nowait root /usr/libexec/ftpd ftpd -ll The flags -ll enable extended logging. 2. Edit /etc/syslog.conf: !ftpd *.* /var/log/ftpd.log 3. Create the log file # touch /var/log/ftpd.log 4. Optionally: Edit /etc/newsyslog.conf for preferred log rotation. The IPs are being logged in the log file. I'm sure SSH allows something similar. If I remember correctly, this has recently been discussed at this list, maybe the archive brings up some helping informations for you. -- Polytropon >From Magdeburg, Germany Happy FreeBSD user since 4.0 Andra moi ennepe, Mousa, ... _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"