Bugtraq mailing list archives
Re: Write-only devices (Was read only devices)
From: mec () usa net (Matthew Cable/USA.NET Inc.)
Date: Thu, 27 Jun 1996 12:37:03 -0600
On Thu, 27 Jun 1996, J.R.Valverde (jr) wrote:
The same happens for most programs that log successful and wrong logins. If you don't record all login attempts then you don't know if someone is trying to log-in nor if the attacker is going after a specific account. You have to start interactively monitoring one by one all your accounts (no account name on any logs, remember?)...
Here's a thought.....don't log it unless its a valid username. If its a valid username, and they're failing a lot, then you know what they're targetting...if its an invalid username, it doesnt' matter...could be a password, could be anything, but its not a valid user, so you don't need to worry about it.
The lesson is: *users* do make mistakes. And there's no easy way you can both keep useful logs without them containing sensitive information. Either they do or they are useless.
see above ;) #!/usr/bin/perl -- Matthew Cable -- USA.NET -- Senior System Administrator $fof='8a*)v2*^Gf#*5S="!jh!;F)]#T):)#&f5kR^(%!E<F#Pf)@2farf&*#ahgu)%C:V5R'; print;$arf=eval{$foo="t1!A53%%1!RBF13!\@$%r/R!$7A39\@aB-z^*#\\)BAS/13/4d"; eval{print;};$foo=~tr/A-Z0-9%$!@!//d;$foo;};$tmp="\$fof=~$arf;";eval $tmp; eval;eval;eval;$\=unpack(u35,$fof)."\n";print #;)>#;0>#:|#8)#;P#80#:o#;)#;
Current thread:
- Re: Write-only devices (Was read only devices), (continued)
- Re: Write-only devices (Was read only devices) Dave Kinchlea (Jun 26)
- Re: Write-only devices (Was read only devices) Paul C Leyland (Jun 24)
- Re: Write-only devices (Was read only devices) Peter Jeremy (Jun 24)
- Re: Write-only devices (Was read only devices) neill (Jun 24)
- Re: Write-only devices (Was read only devices) Adam Bauer (Jun 25)
- Re: Write-only devices (Was read only devices) Gary Howland (Jun 26)
- Re: Write-only devices (Was read only devices) J.R.Valverde (Jun 27)
- Re: Write-only devices (Was read only devices) Ken Weaverling (Jun 27)
- Re: Write-only devices (Was read only devices) Jonathan Lemon (Jun 27)
- Re: Write-only devices (Was read only devices) Roderick Murchison, Jr. (Jun 27)
- Re: Write-only devices (Was read only devices) Matthew Cable/USA.NET Inc. (Jun 27)
- Re: Write-only devices (Was read only devices) Casper Dik (Jun 27)
- Re: Write-only devices (Was read only devices) aleipold () clark net (Jun 27)
- Re: Write-only devices (Was read only devices) Robert Banz (Jun 28)
- Re: Write-only devices (Was read only devices) Ken Weaverling (Jun 27)
- Re: Write-only devices (Was read only devices) Valdis.Kletnieks () vt edu (Jun 28)