From 7c8b868ef84bff0c2ed2245029364d89fd9d57af Mon Sep 17 00:00:00 2001 From: Jonas Smedegaard Date: Tue, 19 Feb 2002 14:08:04 +0000 Subject: logcheck: Ignore failed proftpd logins with full mail address (not only account) for anonymous and ftp. --- logcheck/ignore.d.server/proftpd | 6 +++--- logcheck/ignore.d.server/tmp | 2 -- 2 files changed, 3 insertions(+), 5 deletions(-) (limited to 'logcheck/ignore.d.server') diff --git a/logcheck/ignore.d.server/proftpd b/logcheck/ignore.d.server/proftpd index 4f81df2..585b5d4 100644 --- a/logcheck/ignore.d.server/proftpd +++ b/logcheck/ignore.d.server/proftpd @@ -1,6 +1,6 @@ proftpd\[.*\]: .* \(.*\[[\.[:digit:]]+\]\) - FTP session opened\. -proftpd\[.*\]: .* \(.*\[[\.[:digit:]]+\]\) - USER (anonymous|ftp) \(Login failed\): Can't find user\. -proftpd\[.*\]: .* \(.*\[[\.[:digit:]]+\]\) - USER (anonymous|ftp): no such user found from .*\[[\.[:digit:]]+\] to [\.[:digit:]]+ -proftpd\[.*\]: .* \(.*\[[\.[:digit:]]+\]\) - no such user '(anonymous|ftp)' +proftpd\[.*\]: .* \(.*\[[\.[:digit:]]+\]\) - USER (anonymous|ftp)(@[\.[:alnum:]]+)? \(Login failed\): Can't find user\. +proftpd\[.*\]: .* \(.*\[[\.[:digit:]]+\]\) - USER (anonymous|ftp)(@[\.[:alnum:]]+)?: no such user found from .*\[[\.[:digit:]]+\] to [\.[:digit:]]+ +proftpd\[.*\]: .* \(.*\[[\.[:digit:]]+\]\) - no such user '(anonymous|ftp)(@[\.[:alnum:]]+)?' proftpd\[.*\]: connect from [\.[:digit:]]+ proftpd\[.*\]: No certificate files found! diff --git a/logcheck/ignore.d.server/tmp b/logcheck/ignore.d.server/tmp index 2bfdb2b..e6e8631 100644 --- a/logcheck/ignore.d.server/tmp +++ b/logcheck/ignore.d.server/tmp @@ -22,8 +22,6 @@ ntpd\[.*\]: synchronisation lost ntpd\[.*\]: time reset [\.[:digit:]-]* . ntpd\[.*\]: time reset [\.[:digit:]-]+ s portsentry\[.*\]: attackalert: .* -proftpd\[.*\]: .* \(.*\) - USER anonymous@ftp.microsoft.com: no such user found from .* -proftpd\[.*\]: .* \(.*\) - no such user 'anonymous@ftp.microsoft.com' pumpd\[.*\]: SO_BINDTODEVICE eth0 \(4\) failed: Invalid argument smbd\[.*\]: read_socket_data: recv failure for 4. Error = No route to host smbd\[.*\]: smb_pam_passcheck: PAM: smb_pam_auth failed - Rejecting User [[:alnum:]]+ ! -- cgit v1.2.3