Check Failed Password Attempts
Your rating: Now say why...

(5) 4.5

Displays /var/log/secure.log file.   Free
Add to my Watch List
Email me when discounted
  • Check Failed Password Attempts has been discontinued
  • Developer
    JNSoftware LLC
Check Failed Password Attempts is a small application that parses the /var/log/secure.log file looking for failed authorization attempts. It presents a summary of the total number of failed attempts (and successes) per user. It will also optionally display the full log listing of each failed attempt, each successful attempt, and SSH information from the /var/log/system.log (see the preferences to enable/disable these options).

This application is based on tips submitted to www.macintouch.com. See the MacInTouch report on Security: Access Monitoring and SSH
What's New
Version 0.1.9:
  • Improved compatibility with Mac OS X 10.4.3 (Tiger).
  • Minor interface adjustments.
Requirements
PPC, Mac OS X 10.2 or later, Admin access.

*Previously available here






    Be the first to recommend a similar software title.
Check Failed Passw... User Discussion (Write a Review)
ver. 0.x:
(5)
Your rating: Now say why...
Overall:
(5)

sort: smiles | time
burypromote
+1

+62

smactron reviewed on 14 Dec 2006
Will this ever be updated as a universal binary? I hope so!

Also, is there a way to get it to show what the incorrect password attempts were? I'd like to see what others tried as my password and what I typed when I mis-typed my password.
[Version 0.1.9]


burypromote


Anonymous reviewed on 02 Apr 2005
Same mac mini user 10.3.8 version 0.1.7 now works thank you very much
[Version 0.1.7]


burypromote


Anonymous reviewed on 30 Mar 2005
mac mini os x 10.3.8 gets an error variable 0 not defined then quits.....
[Version 0.1.6]


burypromote


Anonymous reviewed on 30 Mar 2005
No, this says it is related to what's on Macintouch, which is specifically discussing remote attacks and attempts to compromise the machine that way.

There is NO security if someone can sit at the computer. They can reboot and use single user mode if you don't have an open firmware password set (the vast majority don't), or they can simply take the drive - easy in most towers.

No, tools like this are only useful for remote security, and there is no point to this if root is disabled.
[Version 0.1.5]

2 Replies

burypromote
Anonymous commented on 30 Mar 2005
I call BS on you.

Just because root is disabled doesn't mean there aren't 20 or so other user accounts on the machine that can't be attacked, most of which could be used maliciously if compromised.

Heaven forbid anyone would try to do the general ignorant masses a service, though. Of course, you probably like the security-through-obscurity paradigm, as it placates the ignorant masses while allowing you to crack their computers.

cl
burypromote
Anonymous commented on 30 Mar 2005
I call BS *and* flat-out ignorance on you.

None of the other accounts have shell access, so they aren't vulnerable to attempted logins. The only account other than root that has a shell is your user account. User accounts cannot be easily predicted and thus are not generally subject to attack.

So, root is disabled, user accounts are unpredictable, and all other users have no shell access. This is NOT about security through obscurity, this is simply called "no avenues to attack". What's next, ports that aren't opened are subject to attack? "Oh no, there's over 65,000 holes that attackers could use RIGHT NOW! Run for the hills!" This makes just as much sense.

Go read the post on www.unsanity.org and educate yourself about the issue.
burypromote


Anonymous reviewed on 29 Mar 2005
I like it, the name "Herr Anonymous".

Some folks just do not get it. They smell stupidity in their own socks.

have a day.

Bob.
[Version 0.1.5]


burypromote


Anonymous reviewed on 29 Mar 2005
Herr Anonymous says the computer is safe as long as root is not enabled. What if someone were to sit at the keyboard and attempt to type in one's password. The failed attempts would show. That's the goal of this program
[Version 0.1.5]


burypromote


Anonymous reviewed on 27 Mar 2005
Program failed with "Can't make word 2 of " 1 " into a Unicode text."

10.3.8 - dual 800MHz Quicksilver

Hmm...
[Version 0.1.1]


burypromote


Anonymous reviewed on 26 Mar 2005
This is a cool app and perhaps some form of secure.log should be included in Console by Apple. You get the feeling that Apple want to pretend that nothing untoward ever happens to Macs, for instance the lack of logging by ipfw in it's default state and no way of adequately configuring it via Apple's sharing GUI. You can find out the hard way that enabling AFP file sharing or remote login also makes your computer available across the entire internet not just your local network. Very uncool Apple not to be able to change that via the GUI.

Anyway, this app is interesting, I don't know the security implications of being able to view secure.log, although it didn't show actual passwords themselves via this app just login names and times (they all seemed to be my own anyway when I mistyped a password), but I think this is quite handy.
[Version 0.1]

2 Replies

burypromote
Anonymous commented on 26 Mar 2005
You can view security.log in console.app
burypromote
Anonymous commented on 27 Mar 2005
It's not in Console's var/log for me (10.3.7), if I find secure.log in the Finder then specify I want to open it in Console it just comes up blank, presumbably because I don't have permissions to view it.
burypromote


Anonymous reviewed on 26 Mar 2005
i like the program, but could it have a slightly more interesting name?
[Version 0.1]

2 Replies

burypromote
Anonymous commented on 26 Mar 2005
Any suggestions?
burypromote
Anonymous commented on 27 Mar 2005
'Unauthorized'?
burypromote


Anonymous reviewed on 26 Mar 2005
Fun to see what people think your password is.
[Version 0.1]

2 Replies

burypromote
Anonymous commented on 26 Mar 2005
At least my /var/log/secure.log doesn't contain any passwords listed, not even for failed attempts, which is only logical because if this log showed it, it would also show small typos of real password, and all the big attempts of making it secure in /etc/passwd and through shadow passwords etc. would be void.

So please tell me how to get the fun to know what other people think my password is???
burypromote
Anonymous commented on 29 Mar 2005
I would like to know, too.
There are currently no troubleshooting comments. If you are experiencing a problem with this app, please post a comment.

There are currently no ratings. Write a comment or review now.

Downloads:5,363
Version Downloads:2,354
Type:Utilities : Security
License:Free
Date:02 Nov 2005
Platform:PPC 32 / OS X
Price:Free0.00
Overall (Version 0.x):
Features:
Ease of Use:
Value:
Stability:
Displaying 1-10 of 10
-
-
-
Please login or create a new
MacUpdate Member account
to use this feature
Watch Lists are available to
MacUpdate Desktop Members
Upgrade Now
Install with MacUpdate Desktop.
Save time moving files & cleaning
up space wasting archives.
Check Failed Password Attempts is a small application that parses the /var/log/secure.log file looking for failed authorization attempts. It presents a summary of the total number of failed attempts (and successes) per user. It will also optionally display the full log listing of each failed attempt, each successful attempt, and SSH information from the /var/log/system.log (see the preferences to enable/disable these options).

This application is based on tips submitted to www.macintouch.com. See the MacInTouch report on Security: Access Monitoring and SSH (http://www.macintouch.com/security-mon.html) for a discussion of what these results mean and how to better protect your system.


- -