Quote:
Originally Posted by Simon Bridge
Is it a one then a two? Isn't it just counting the number of times a specific login has failed? (If it fails three times, in some systems, the sysadmin is notified.)
|
Thanks for your hint
I tried to telnet a Linux server by SecurCRT with correct user name but incorrect password for 4 times.
And the OS logged like below:
>login[16510]: FAILED LOGIN 1 FROM 10.1.7.244 FOR parlay
>login[16510]: FAILED LOGIN 2 FROM 10.1.7.244 FOR
>login[16510]: FAILED LOGIN 3 FROM 10.1.7.244 FOR parlay
>login[16510]: FAILED LOGIN SESSION FROM 10.1.7.244 FOR parlay
>login(pam_unix)[16510]: 3 more authentication failures;
>login(pam_unix)[16510]: service(login) ignoring max retries; 4 > 3
so the number do counts the failure times of a login process.