home | list info | list archive | date index | thread index

[OCLUG-Tech] logwatch (was: reduceing ssh brute force attempts with iptables)

  • Subject: [OCLUG-Tech] logwatch (was: reduceing ssh brute force attempts with iptables)
  • From: Jody McIntyre <scjody [ at ] modernduck [ dot ] com>
  • Date: Wed, 16 Feb 2005 17:58:00 -0500
On Wed, Feb 16, 2005 at 04:29:39PM -0500, Martin Hicks wrote:
> 
> I get a whole array of different users.  I don't think its a particular
> issue unless you have weak passwords.  I also have the "logwatch"
> package installed which gives me a good synopsis of failed ssh logins,
> among other info.

How do you find logwatch overall?  I used to run logcheck on my servers,
but it sent me a large number of useless log messages that obscured the
(presumably) useful information, which really defeats the purpose.  I
looked for a way to tell it to stop, but couldn't find anything obvious.
Is logwatch easy to configure?

I'm mainly wondering if it's worth the effort to backport it to Debian
Stale, because my servers still run that.

Jody


> 
> mh
> 
> -- 
> Martin Hicks || mort [ at ] bork [ dot ] org || PGP/GnuPG: 0x4C7F2BEE
> _______________________________________________
> Linux mailing list
> Linux [ at ] lists [ dot ] oclug [ dot ] on [ dot ] ca
> http://www.oclug.on.ca/mailman/listinfo/linux

--