<None>
gravishanker at eagle.wesleyan.edu
gravishanker at eagle.wesleyan.edu
Tue Nov 13 01:36:01 AEST 1990
Hi
I noticed the existence of a file /etc/security/failedlogin in my RS/6000. It
is a file containing failed login information and the accounting records on it
are written in utmp format. It apparently contains the information on failed
login - either username failures or password failures. When I did an:
ac -p -w /etc/security/failedlogin
I got the following:
sshan 0.00
UNKNOWN_1320.04
root 0.00
total 1320.05
Is this correct? Obviously, the UNKNOWN_ seems to have wrong format. It is hard
to believe the time taken up. The reason I say that is, I more'd the file,
knowing it is garbage, and there are about 10 or 15 entries for UNKNOWN_USER. I
can't see why that would add up to 1320 seconds(I hope these are not min.). My
feeling is that the 8 character username is causing the problem, thus the USER
is the UNKNOWN_USER getting read as some kind of time! If someone feels that is
not the case and that these times are correct, then I have my hands full and
need to look up what's going on. Any help is appreciated.
Ravi
More information about the Comp.unix.aix
mailing list