Bugtraq mailing list archives
Re: Write-only devices (Was read only devices)
From: kinch () kcc empath on ca (Dave Kinchlea)
Date: Wed, 26 Jun 1996 16:20:45 -0400
On Wed, 26 Jun 1996, Matthew Cable/USA.NET Inc. wrote:
On Tue, 25 Jun 1996, DevilBunny wrote:Sending unencrypted logs over a public network, what a great idea. Some of my logs actually contain passwds for failed logins and ppp connections.if your logs contain passwords you should be shot....
If you want to log failed logins then you want to know what username the failed login was trying to use. THIS is where passwords get sent to logs and it is what I suspect that DevilBunny was talking about. The rest of your message I completely agree with. We use: *.err;kern.debug;daemon,auth.info /var/adm/messages *.debug @sysloghost and sysloghost also monitors the traffic from a serial port connection. None of this helps when syslogd breaks, however. cheers
Current thread:
- Re: Write-only devices (Was read only devices) Don Lewis (Jun 21)
- <Possible follow-ups>
- Re: Write-only devices (Was read only devices) Gary Howland (Jun 24)
- Re: Write-only devices (Was read only devices) DevilBunny (Jun 25)
- BoS: CERT Advisory CA-96.12 - Vulnerability in suidperl CERT Advisory (Jun 26)
- Re: Write-only devices (Was read only devices) Matthew Cable/USA.NET Inc. (Jun 26)
- Re: Write-only devices (Was read only devices) Dave Kinchlea (Jun 26)
- Re: Write-only devices (Was read only devices) DevilBunny (Jun 25)
- Re: Write-only devices (Was read only devices) Paul C Leyland (Jun 24)
- Re: Write-only devices (Was read only devices) Peter Jeremy (Jun 24)
- Re: Write-only devices (Was read only devices) neill (Jun 24)
- Re: Write-only devices (Was read only devices) Adam Bauer (Jun 25)
- Re: Write-only devices (Was read only devices) Gary Howland (Jun 26)
- Re: Write-only devices (Was read only devices) J.R.Valverde (Jun 27)
- Re: Write-only devices (Was read only devices) Ken Weaverling (Jun 27)
- Re: Write-only devices (Was read only devices) Jonathan Lemon (Jun 27)
- Re: Write-only devices (Was read only devices) Roderick Murchison, Jr. (Jun 27)
- Re: Write-only devices (Was read only devices) Matthew Cable/USA.NET Inc. (Jun 27)
- Re: Write-only devices (Was read only devices) Ken Weaverling (Jun 27)