On Thu, 2006-03-02 at 17:23 +0100, GroundZero Security wrote: > Well i dont want to destroy your happy time where you can feel superior, but > if you would read the manpage of lastb you would notice that this approach > wont work at all. > lastb just shows successfull logins! not all the attempted logins....we > discussed that before though, > so better pay attention next time. > > Another thing is that on many systems btmp is not present and thus lastb > wouldnt work even if it > would show failed logins. > > NAME > last, lastb - show listing of last logged in users > > SYNOPSIS > last [-R] [-num] [ -n num ] [-adiox] [ -f file ] [name...] [tty...] > lastb [-R] [-num] [ -n num ] [ -f file ] [-adiox] [name...] [tty...] > > DESCRIPTION > Last searches back through the file /var/log/wtmp (or the file > designated by the -f flag) and displays a list of all > users logged in (and out) > since that file was created. > .... ...and a little farther down... "Lastb is the same as last, except that by default it shows a log of the file /var/log/btmp, which contains all the bad login attempts." > as you can see it only logs "logged in" users not all those that tried. so > your script is useless.
Attachment:
signature.asc
Description: This is a digitally signed message part
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/