Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 905
  • Last Modified:

How To Trap Bad Telnet Login Information (Username and Password)

Hello,

We have users telnet (usually locally) into our servers (RedHat 8 and CentOS 4.5).

When we have a bad login attempt, I would like to be able to trap the bad username and password in a log file of some sort.

How can I do this?

Thanks in advance,

s1m0ne
0
s1m0ne
Asked:
s1m0ne
3 Solutions
 
TintinCommented:
Details will be in /var/log/secure as well as /var/log/messages
0
 
WizRd-LinuxCommented:
As far as I know there isn't a way to specifically split out the logs for specifically failed login attempts via telnet.

You can however edit /etc/syslog.conf and add a line similar to:

auth.notice        /var/log/auth.log

As I said, I don't know of a way to split it out so it will log notices and above for any programs that ask for a username and password, eg login, su, ftpd, sshd, telnetd.
0
 
s1m0neAuthor Commented:
Thanks, but how do I log the actual bad password in addition to the user?
0
Build your data science skills into a career

Are you ready to take your data science career to the next step, or break into data science? With Springboard’s Data Science Career Track, you’ll master data science topics, have personalized career guidance, weekly calls with a data science expert, and a job guarantee.

 
TintinCommented:
You can't log the bad password without making custom changes to sit in middle of the login process.
0
 
WizRd-LinuxCommented:
Tintin is absolutely correct.  To log the bad password attempt you would have to modify the telnetd source to include the bad password in the log output then recompile it.
0
 
omarfaridCommented:
Hi,

How getting the bad passwords will help you? It is a security breach if you could capture users passwords.

It will be enough for you to know that certain account / accounts are failing to login which could till that either the end users need to be educated about how to login / enter password, or that some accounts are under risk of login attempts.

0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

A proven path to a career in data science

At Springboard, we know how to get you a job in data science. With Springboard’s Data Science Career Track, you’ll master data science  with a curriculum built by industry experts. You’ll work on real projects, and get 1-on-1 mentorship from a data scientist.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now