At least for ftpd I think there is a solution:

1. Edit /etc/inetd.conf

ftp stream tcp nowait root /usr/libexec/ftpd ftpd -ll ftp stream tcp6 nowait root /usr/libexec/ftpd ftpd -ll

with -ll, ftpd still logs failures as auth.log as

Aug 24 17:05:30 mx1 ftpd[1625]: FTP LOGIN FAILED FROM domain.tld, user

   The flags -ll enable extended logging.

2. Edit /etc/syslog.conf:

        *.*                                             /var/log/ftpd.log

3. Create the log file

        # touch /var/log/ftpd.log

same in ftpd.log

The IPs are being logged in the log file.

they are not logged.

 I'm sure SSH
allows something similar. If I remember correctly, this
has recently been discussed at this list, maybe the archive
brings up some helping informations for you.

thanks, I'll look.

like everybody else, we are getting hammered by brute force attacks.


_______________________________________________ mailing list
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to