[2824] in bugtraq
Re: Write-only devices (Was read only devices)
daemon@ATHENA.MIT.EDU (Dave Kinchlea)
Wed Jun 26 17:17:04 1996
Date: Wed, 26 Jun 1996 16:20:45 -0400
Reply-To: Bugtraq List <BUGTRAQ@NETSPACE.ORG>
From: Dave Kinchlea <kinch@kcc.empath.on.ca>
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@NETSPACE.ORG>
In-Reply-To: <Pine.SOL.3.91.960626115034.14709C-100000@earth>
On Wed, 26 Jun 1996, Matthew Cable/USA.NET Inc. wrote:
> On Tue, 25 Jun 1996, DevilBunny wrote:
>
> >
> > Sending unencrypted logs over a public network, what a great idea. Some
> > of my logs actually contain passwds for failed logins and ppp connections.
> >
>
> if your logs contain passwords you should be shot....
>
If you want to log failed logins then you want to know what username
the failed login was trying to use. THIS is where passwords get sent
to logs and it is what I suspect that DevilBunny was talking about.
The rest of your message I completely agree with. We use:
*.err;kern.debug;daemon,auth.info /var/adm/messages
*.debug @sysloghost
and sysloghost also monitors the traffic from a serial port
connection.
None of this helps when syslogd breaks, however.
cheers
