Bugtraq mailing list archives

Re: Write-only devices (Was read only devices)


From: mec () usa net (Matthew Cable/USA.NET Inc.)
Date: Thu, 27 Jun 1996 12:37:03 -0600


On Thu, 27 Jun 1996, J.R.Valverde (jr) wrote:


        The same happens for most programs that log successful and wrong
logins. If you don't record all login attempts then you don't know if
someone is trying to log-in nor if the attacker is going after a specific
account. You have to start interactively monitoring one by one all your
accounts (no account name on any logs, remember?)...


Here's a thought.....don't log it unless it's a valid username.  If it's a
valid username, and they're failing a lot, then you know what they're
targeting...if it's an invalid username, it doesn't matter...could be a
password, could be anything, but it's not a valid user, so you don't need
to worry about it.


        The lesson is: *users* do make mistakes. And there's no easy
way you can both keep useful logs without them containing sensitive
information. Either they do or they are useless.


see above ;)


#!/usr/bin/perl -- Matthew Cable -- USA.NET -- Senior System Administrator
$fof='8a*)v2*^Gf#*5S="!jh!;F)]#T):)#&f5kR^(%!E<F#Pf)@2farf&*#ahgu)%C:V5R';
print;$arf=eval{$foo="t1!A53%%1!RBF13!\@$%r/R!$7A39\@aB-z^*#\\)BAS/13/4d";
eval{print;};$foo=~tr/A-Z0-9%$!@!//d;$foo;};$tmp="\$fof=~$arf;";eval $tmp;
eval;eval;eval;$\=unpack(u35,$fof)."\n";print #;)>#;0>#:|#8)#;P#80#:o#;)#;
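
The logging rule proposed in the message above, sketched as an added example (not code from the original post or from either author). The account list, the sample attempts and the `<invalid>` placeholder are constructed assumptions; as a variation on the proposal, a failure with a non-account name is still written as a name-less entry so the attempt count survives.

```python
from collections import Counter

VALID_USERS = {"alice", "bob"}   # assumed account list (stand-in for /etc/passwd)
PLACEHOLDER = "<invalid>"        # written instead of any text that is not an account

# Constructed sample attempts: (terminal, text typed at the login prompt, success).
ATTEMPTS = [
    ("tty1", "alice", False),
    ("tty1", "alice", False),
    ("tty2", "s3cret-Pass", False),  # password typed at the login: prompt by mistake
    ("tty1", "alice", False),
    ("tty3", "bob", True),
    ("tty2", "alcie", False),        # misspelled account name
]

def log_line(tty, typed, success, valid_users=VALID_USERS):
    """Format one log entry; the typed text is kept only if it names a real account."""
    user = typed if typed in valid_users else PLACEHOLDER
    return f"login {'OK' if success else 'FAIL'} user={user} tty={tty}"

def build_log(attempts):
    """Turn raw attempts into log lines that never contain unvalidated input."""
    return [log_line(*a) for a in attempts]

def targeted_accounts(lines, threshold=3):
    """Return {account: failures} for valid accounts with >= threshold failed logins."""
    fails = Counter()
    for line in lines:
        fields = line.split()
        status, user = fields[1], fields[2].split("=", 1)[1]
        if status == "FAIL" and user != PLACEHOLDER:
            fails[user] += 1
    return {u: n for u, n in fails.items() if n >= threshold}

if __name__ == "__main__":
    log = build_log(ATTEMPTS)
    print("\n".join(log))            # no mistyped password appears in the output
    print(targeted_accounts(log))    # accounts with repeated failures
```
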


