Which files must be edited in order to set up logging of all failed login attempts?

Which files must be edited in order to set up logging of all failed login attempts?

Which files must be edited in order to set up logging of all failed login attempts?

A.
/etc/default/login, /var/adm/loginlog, /etc/syslog.conf

B.
/etc/default/login, /var/adm/authlog, /etc/syslog.conf

C.
/var/adm/loginlog, /var/adm/authlog, /etc/syslog.conf

D.
/etc/default/login, /var/adm/authlog, /var/adm/loginlog

Explanation:
This procedure captures in a syslog file all failed login attempts.
1. Set up the /etc/default/login file with the desired values for SYSLOG and
SYSLOG_FAILED_LOGINS
Edit the /etc/default/login file to change the entry. Make sure that SYSLOG=YES is uncommented.
2. Create a file with the correct permissions to hold the logging information.
Create the authlog file in the /var/adm directory.
3. Edit the syslog.conf file to log failed password attempts.
Send the failures to the authlog file.
Reference: Oracle Solaris 11 Information Library, How to Monitor All Failed Login Attempts

Show Hint

Leave a Reply 2

Your email address will not be published. Required fields are marked *

thirteen − 3 =

Yoboo

Yoboo

[B] http://docs.oracle.com/cd/E19253-01/816-4557/secsys-36/index.html
“How to Monitor All Failed Login Attempts”

This procedure captures in a syslog file all failed login attempts.
1. Set up the /etc/default/login file with the desired values for SYSLOG and SYSLOG_FAILED_LOGINS
Edit the /etc/default/login file to change the entry. Make sure that SYSLOG=YES is uncommented.
2. Create a file with the correct permissions to hold the logging information.
Create the authlog file in the /var/adm directory.
3. Edit the syslog.conf file to log failed password attempts.
Send the failures to the authlog file.

Reply