At least for ftpd I think there is a solution:
1. Edit /etc/inetd.conf
ftp stream tcp nowait root /usr/libexec/ftpd
ftpd -ll
ftp stream tcp6 nowait root /usr/libexec/ftpd
ftpd -ll
with -ll, ftpd still logs failures as auth.log as
Aug 24 17:05:30 mx1 ftpd[1625]: FTP LOGIN FAILED FROM domain.tld, user
The flags -ll enable extended logging.
2. Edit /etc/syslog.conf:
!ftpd
*.* /var/log/ftpd.log
3. Create the log file
# touch /var/log/ftpd.log
same in ftpd.log
The IPs are being logged in the log file.
they are not logged.
I'm sure SSH
allows something similar. If I remember correctly, this
has recently been discussed at this list, maybe the archive
brings up some helping informations for you.
thanks, I'll look.
like everybody else, we are getting hammered by brute force attacks.
thanks
Len
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
