Signed-off-by: Frédéric Brière <[EMAIL PROTECTED]>
---
.../linux/violations.ignore.d/logcheck-proftpd | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/rulefiles/linux/violations.ignore.d/logcheck-proftpd
b/rulefiles/linux/violations.ignore.d/logcheck-proftpd
index 2bf2c3e..472992d 100644
--- a/rulefiles/linux/violations.ignore.d/logcheck-proftpd
+++ b/rulefiles/linux/violations.ignore.d/logcheck-proftpd
@@ -2,5 +2,5 @@
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ proftpd:
pam_unix\(proftpd:[[:alnum:]]+\): authentication failure; logname= uid=0 euid=0
tty= ruser= rhost=[-_.:[:alnum:]]+ user=[-_.[:alnum:]]+$
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ proftpd\[[[:digit:]]{1,5}\]:?
[._[:alnum:]-]+ \([._[:alnum:]-]+\[[.:[:xdigit:]]+\]\)(:| -)
PAM\([-_.[:alnum:]]+\): Authentication failure\.$
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ proftpd\[[[:digit:]]{1,5}\]:?
[._[:alnum:]-]+ \([._[:alnum:]-]+\[[.:[:xdigit:]]+\]\)(:| -) Connection from
[._[:alnum:]-]+ \[[.:[:xdigit:]]+\] denied\.$
-^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ proftpd\[[[:digit:]]{1,5}\]:?
[._[:alnum:]-]+ \([._[:alnum:]-]+\[[.:[:xdigit:]]+\]\)(:| -) USER
[-._[:alnum:]]+ \(Login failed\): Limit access denies login$
+^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ proftpd\[[[:digit:]]{1,5}\]:?
[._[:alnum:]-]+ \([._[:alnum:]-]+\[[.:[:xdigit:]]+\]\)(:| -) USER
[-._[:alnum:]]+ \(Login failed\): (Limit access denies login|Incorrect
password\.)$
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ proftpd\[[[:digit:]]{1,5}\]:?
[._[:alnum:]-]+ \([._[:alnum:]-]+\[[.:[:xdigit:]]+\]\)(:| -) SECURITY
VIOLATION: root login attempted\.$
--
1.5.3.8
_______________________________________________
Logcheck-devel mailing list
[email protected]
http://lists.alioth.debian.org/mailman/listinfo/logcheck-devel
