[prev in list] [next in list] [prev in thread] [next in thread] 

List:       sentry
Subject:    [Abacus] hostsentry & FreeBSD 4.1
From:       "Col.Panic" <panic () antix ! org>
Date:       2000-08-25 4:45:26
[Download RAW message or body]

Hello all,

Does anybody have the correct settings to use hostsentry on a FreeBSD 4.1 
system?  I've been trying to use the standard bsd variants :

# BSD variants
WTMP_FORMAT = "36/0:8/8:8/16:16"

...but...from what I can see, host sentry is not grabbing the domain correctly:

Aug 24 20:04:08 satan sshd[18735]: User user's local password accepted.
Aug 24 20:04:08 satan sshd[18735]: Password authentication for user user 
accepted.
Aug 24 20:04:08 satan sshd[18735]: User user, coming from 
******.san.rr.com, authenticated.
Aug 24 20:04:10 satan hostSentry[17873]: securityalert: LOGIN User: user 
TTY: ttyp2 Host:
Aug 24 20:04:10 satan hostSentry[17873]: securityalert: Foreign domain 
login detected for user: user from:
Aug 24 20:04:10 satan hostSentry[17873]: securityalert: Action being taken 
for user: user
Aug 24 20:04:10 satan hostSentry[17873]: securityalert: Module requesting 
action is: moduleForeignDomain
Aug 24 20:04:10 satan hostSentry[17873]: securityalert: Action complete for 
module: moduleForeignDomain
Aug 24 20:05:00 satan sshd[18735]: Local disconnected: Connection closed.
Aug 24 20:05:00 satan sshd[18735]: connection lost: 'Connection closed.'
Aug 24 20:05:01 satan hostSentry[17873]: securityalert: LOGOUT User: user 
TTY: ttyp2 Host:


It does grab the username correctly.

Thanks,

-Jason

-[TR] Col.Panic			     The
					     /-----\   |----\
Founder					|      |    |
Webmaster					|      |----/
Postmaster					|ech's |    \ evenge
Hostmaster
					"Out you demons of Stupidity!"

http://www.antix.org			unreal.cts.com:7777 UT CTF 413a
http://www.techsrevenge.com		unreal.cts.com:7788 UT Assult 413a
http://www.heartofevil.com

[prev in list] [next in list] [prev in thread] [next in thread]