On Tue, Apr 25, 2017 at 07:14:56PM -0700, Gordon Messmer (gordon.messmer@xxxxxxxxx) wrote:
> On 04/25/2017 07:00 PM, Jobst Schmalenbach wrote:
> > What I want is the IP address and if possible the incorrect password (just to see how far they are off).
> > Is this possible?
>
> I hope not. That's a terrible idea. Every time a user fat-fingers their
> password, your plain-text logs have a copy of their almost-correct password.
>
As always there are tradeoffs ...
I have a reasonable strict password policy, so by looking at the failed passwords I can see how far the tries are off the real thing, so it actually is a good thing for me. Also I learn which passwords are used for cracking, which again is a good thing. As for the logged passwords - this is a non user server, only two people have access ... so reading the logs is difficult for imap/sendmail users in the company ...
J
--
Gravity does not exist, the Earth sucks.
| |0| | Jobst Schmalenbach, jobst@xxxxxxxxxxxxxx, General Manager
| | |0| Barrett Consulting Group P/L & The Meditation Room P/L
|0|0|0| +61 3 9532 7677, POBox 277, Caulfield South, 3162, Australia
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos
