This is a function of syslog, use syslog-ng and you can turn this off. -----Original Message----- From: pam-list-bounces@xxxxxxxxxx [mailto:pam-list-bounces@xxxxxxxxxx] On Behalf Of Eric Smith Sent: Friday, December 14, 2007 6:30 AM To: pam-list@xxxxxxxxxx Subject: Preventing reverse DNS lookups I've googled this for several hours and gotten nowhere, so I'm turning to this list in hopes someone can point me in the right direction. I think this is a PAM question. If not, my apologies. I want to prevent reverse DNS lookups on log lines like this: Dec 13 20:13:14 myhost vsftpd: pam_unix(vsftpd:auth): authentication failure; logname= uid=0 euid=0 tty=ftp ruser=adrian rhost=s42.deinprovider.de I want to see the actual IP address in the rhost= part, so I can scan the log files (maybe using swatch) and block these people from brute forcing me. Since the reverse DNS is likely under their control, it's useless to get address of the perpetrator. Is there some pam (or maybe pam_unix) option to disable reverse DNS lookups? I would think this is a common need, but I can't find much info on it online. Thanks for any pointers. I've started looking through the source to pam, and I'll continue down that path next. But hopefully someone can save me the time! Eric. _______________________________________________ Pam-list mailing list Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list _______________________________________________ Pam-list mailing list Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list
