The files wtmp and btmp are typically for tracking successful and bad logins. To find bad logins just run the last or lastb commands. The former requires you specify the file "btmp" and the later does it automatically.
It's good to monitor btmp since it can give clues that a brute force login attack is under way or some one is having major login problems.
NSE ( network security expert) and Route/Switching Engineer
kfelix -----a----t---- socpuppets ---dot---com
^ ^
=( @ @ )=
o
/ \
No comments:
Post a Comment