• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 263
  • Last Modified:

How to track who tried to login my server and from which ip

I wd like to know is any way to find out in solaris who tried to login our server with which user, from which ip and when what times and date.

if any script i need that if any one can provide this.

regards
vivek jauhari
0
VivekJauhari
Asked:
VivekJauhari
1 Solution
 
PsiCopCommented:
Depends on the access methods, e.g. telnet, SSH, FTP, NFS, etc.

Each access method logs different information, and different levels of detail.

Which access method(s) do you want to analyze?
0
 
TintinCommented:
As PsiCop says, it depends on the method used to log in.

You can list all successful logins with the 'last' command.

0
 
ahoffmannCommented:
more /var/log/messages
more /var/adm/messages
more /var/adm/syslog
# path depends on your system version/setup
0
Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

 
VivekJauhariAuthor Commented:
It is ok.. we can check with Last command but i wd like to knwo who tryied to login from which ip if login not success also. so that we can track which ip tring to breck our passwd/server.

is we can find this via any script? and if yes i need that script

regards
vivek jauhari
0
 
TintinCommented:
To log failed logins (via telnet/ssh), edit /etc/default/logins and set

SYSLOG_FAILED_LOGINS=0

Then do:

touch /var/adm/loginlog
chown root:sys /var/adm/loginlog
chmod 600 /var/adm/loginlog

0
 
TintinCommented:
ssh attempts will be in /var/adm/messages or /var/adm/syslog
0

Featured Post

2018 Annual Membership Survey

Here at Experts Exchange, we strive to give members the best experience. Help us improve the site by taking this survey today! (Bonus: Be entered to win a great tech prize for participating!)

Tackle projects and never again get stuck behind a technical roadblock.
Join Now