[Webinar] Streamline your web hosting managementRegister Today

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 899
  • Last Modified:

How To Trap Bad Telnet Login Information (Username and Password)

Hello,

We have users telnet (usually locally) into our servers (RedHat 8 and CentOS 4.5).

When we have a bad login attempt, I would like to be able to trap the bad username and password in a log file of some sort.

How can I do this?

Thanks in advance,

s1m0ne
0
s1m0ne
Asked:
s1m0ne
3 Solutions
 
TintinCommented:
Details will be in /var/log/secure as well as /var/log/messages
0
 
WizRd-LinuxCommented:
As far as I know there isn't a way to specifically split out the logs for specifically failed login attempts via telnet.

You can however edit /etc/syslog.conf and add a line similar to:

auth.notice        /var/log/auth.log

As I said, I don't know of a way to split it out so it will log notices and above for any programs that ask for a username and password, eg login, su, ftpd, sshd, telnetd.
0
 
s1m0neAuthor Commented:
Thanks, but how do I log the actual bad password in addition to the user?
0
The new generation of project management tools

With monday.com’s project management tool, you can see what everyone on your team is working in a single glance. Its intuitive dashboards are customizable, so you can create systems that work for you.

 
TintinCommented:
You can't log the bad password without making custom changes to sit in middle of the login process.
0
 
WizRd-LinuxCommented:
Tintin is absolutely correct.  To log the bad password attempt you would have to modify the telnetd source to include the bad password in the log output then recompile it.
0
 
omarfaridCommented:
Hi,

How getting the bad passwords will help you? It is a security breach if you could capture users passwords.

It will be enough for you to know that certain account / accounts are failing to login which could till that either the end users need to be educated about how to login / enter password, or that some accounts are under risk of login attempts.

0

Featured Post

The 14th Annual Expert Award Winners

The results are in! Meet the top members of our 2017 Expert Awards. Congratulations to all who qualified!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now