Howdy, As for the syslog issue, take advantage of the ability to send syslog messages to other machines, machines that you can secure more tightly. Also, some products, like tcpwrapper, allow you to send syslog messages for just about anything, including successful attempts. A gig of disk is well worth the price... Later, Al On Mon, 18 Nov 1996, IO ERROR wrote: > One idea is this: use the syslog facility for what it was intended: logging! > I notice that /bin/login and friends don't talk to syslog unless there is a > problem. I believe that they should log everything that's going on, so that > discrepancies (which mean possible intrusions) are easier to discover. Yes, > I'm aware there are modified programs out there that do such logging, though > they may be slightly incompatible with my system or someone else's system.