About nixCraft

• Daily Linux tips, hacks, news, ideas and much more »
• 
  
• 

Topics

• CentOS
• Howto
• Linux
• Linux distribution
• RedHat/Fedora Linux
• Security
• Tips
• Ubuntu Linux
• See all topics...

Linux How do I display failed login attempt?

/var/log/faillog is a log file for failed login attempts. This file maintains a count of login failures and the limits for each account. The file is fixed length record, indexed by numerical ID. Each record contains the count of login failures since the last successful login; the maximum number of failures before the account is disabled; the line the last login failure occurred on; and the date the last login failure occurred. Since data is in binary format you need to use faillog command to display failed login attempt.

How do I use faillog?

To display failed login attempt for user root with following command:
$ faillog -u root
Output:

Login       Failures Maximum Latest                   On
root            0        0   02/17/06 14:49:52 +0530  tty1

To display all failed login attempt try:
$ faillog -a
Output:

Login       Failures Maximum Latest                   On
root            0        0   02/17/06 14:49:52 +0530  tty1
rocky           0        0   02/27/06 22:05:03 +0530  tty1
usr1            2        0   02/16/06 15:05:01 +0530  tty2

See also:

• How do I find all out failed ssh login attempts?

Continue reading rest of the Linux pam_tally - login counter Configuration series.

E-mail this to a Friend    Printable Version

Linux Powered Asus EEE Laptop PC From $299

• How to: Configure Linux to track and log failed login attempt recoreds
• Howto: Protect account against a password cracking attack
• Linux > how do I find out all failed login attempts via ssh/telnet?
• Protecting Linux against automated attackers
• Linux Failed Login Control: Lock and Unlock User Accounts Using PAM

Leave a Reply

We encourage your comments, and suggestions. But please stay on topic, be polite, and avoid spam. Thank you very much for stopping by our site!

Tags: binary format, check the failed login attempts in log file, faillog command, how to get information about failure logs in linux, linux login log, login attempts, login failure, maximum number, pam track failed logins, ssh login, suse login attempts logfile

Search

Advertisements

more ~/options

• About us
• Testimonials
• Advertise
• Contact us

Archives

• Select Month November 2008 October 2008 September 2008 August 2008 July 2008 June 2008 May 2008 April 2008 March 2008 February 2008 January 2008 December 2007 November 2007 October 2007 September 2007 August 2007 July 2007 June 2007 May 2007 April 2007 March 2007 February 2007 January 2007 December 2006 November 2006 October 2006 September 2006 August 2006 July 2006 June 2006 May 2006 April 2006 March 2006 February 2006 January 2006 December 2005 November 2005 October 2005 September 2005 August 2005 July 2005 June 2005 May 2005 April 2005 March 2005 February 2005 January 2005 December 2004 November 2004 October 2004 August 2004 July 2004 June 2004 May 2004 April 2004 March 2004

nixCraft RSS Feeds

Copyright © 2004-2008 nixCraft. All rights reserved - TOS/Disclaimer - Privacy policy - Sitemap - Powered by Open source software.