Will H. Backman wrote: > > Dimitry Andric wrote: > > Will H. Backman wrote: > > > >> The console on OpenBSD 3.9 release doesn't seem to log unknown username > >> or failed login attempts anywhere. > >> > > > > See this commit: > > http://www.openbsd.org/cgi-bin/cvsweb/src/etc/syslog.conf#rev1.14 > > > > "Make the default syslog.conf not make the console and root logins > > unusable when problems occur. Provide commented out examples showing > > people how to direct output to /dev/console or as messages to root, > > for situations where such output might acutally be useful, rather than > > something that keeps you from fixing a problem due to the screen > > getting spewed at." > > > I guess I was expecting more to show up in /var/log/secure or authlog, > or messages. > I tried some random wrong password for the root account, and also tried > accounts like "rott", and all I got was: > /var/log/secure > Jul 13 09:30:30 star login: 1 LOGIN FAILURE ON ttyC0, root > /var/log/messages > Jul 13 09:30:30 star login: 1 LOGIN FAILURE ON ttyC0
Automated failed login attempts make an excellent Denial Of Service attack. (if the logs cooperate by using up all available disk space)
