Re: security leak in ppp.log file

To: Carel Fellinger <cfelling@iae.nl>
Cc: debian-user@lists.debian.org
Subject: Re: security leak in ppp.log file
From: "Jens B. Jorgensen" <jjorgens@bdsinc.com>
Date: Thu, 01 Jul 1999 15:47:50 -0500
Message-id: <[🔎] 377BD3F6.A4AE3BF@bdsinc.com>
References: <[🔎] 7lfkuj$sp$1@vvs.superst.iae.nl>

These log messages show up because somewhere you've specified the 'debug' option. Just get rid of this option.

Carel Fellinger wrote:

> ------------------------------------------------------------------------
> Sorry for reposting this question, but somehow my posts to the newsgroup
> never make it to the list and many posting of others seam to miss too:(,
> so please reply by email too. thanks
> ------------------------------------------------------------------------
>
> Hai,
>
> for starters: the longer I have Debian GNU/Linux the happier I get,
>               and the more often I find what I need in the docs,
>               but not this one:(
>
> Recently my IPS changed from chat to PAP, and now I find my password
> in the ppp.log file. I know that file has restricted access rights,
> but I prefer to have no passwords lying around, besides Debian ships
> with an X configuration where the console messages are routed to an
> xterm on the XDM login screen, so there they are for everyone to read!
> Previously I used chat scripts only (no PAP authentication once logged
> into my IPS), and in there you have flags (\q) to suppress listing of
> the password in the ppp.log files. How to achief this with PAP or CHAP?
>
> -----------------------------------------------------------------------
>
> I got this one reply of Eric G. Miller suggesting to use pppconfig and
> have the password and userid in the pap-secrets file. Unfortunately that
> was no cure, as that was exactly what I already had done:(.
>
> the ppp.log file reads something like:
>
> Jun 27 13:30:21 vvs pppd[16672]: Using interface ppp0
> Jun 27 13:30:21 vvs pppd[16672]: Connect: ppp0 <--> /dev/ttyS1
> ...
> Jun 27 13:30:43 vvs chat[16672]: send (\d)
> Jun 27 13:30:44 vvs pppd[16671]: Serial connection established.
> Jun 27 13:30:45 vvs pppd[16671]: Using interface ppp0
> Jun 27 13:30:45 vvs pppd[16671]: Connect: ppp0 <--> /dev/ttyS1
> Jun 27 13:30:45 vvs pppd[16671]: sent [LCP ConfReq id=0x2 <asyncmap 0x0> <magic 0x1b9a3fac>]
> Jun 27 13:30:46 vvs pppd[16671]: rcvd [LCP ConfAck id=0x2 <asyncmap 0x0> <magic 0x1b9a3fac>]
> Jun 27 13:30:46 vvs pppd[16671]: rcvd [LCP ConfReq id=0x28 <mru 1600> <magic 0x682cc4e0> <asyncmap 0x0> <auth pap>]
> Jun 27 13:30:46 vvs pppd[16671]: sent [LCP ConfAck id=0x28 <mru 1600> <magic 0x682cc4e0> <asyncmap 0x0> <auth pap>]
> Jun 27 13:30:46 vvs pppd[16671]: sent [LCP EchoReq id=0x0 magic=0x1b9a3fac]
> Jun 27 13:30:46 vvs pppd[16671]: sent [PAP AuthReq id=0x1 user="my-user-id" password="my-password"]
> Jun 27 13:30:49 vvs pppd[16671]: sent [PAP AuthReq id=0x2 user="my-user-id" password="my-password"]
>
> and there they are, so what did I do wrong? how to prevent this?
> just ran pppconfig, selected PAP protocol and kept all the default awnsers.
> by the way, I'm still running (mainly) ham (Debian 2.0)
>
> --
> groetjes, carel
>
> --
> groetjes, carel
>
> --
> Unsubscribe?  mail -s unsubscribe debian-user-request@lists.debian.org < /dev/null

--
Jens B. Jorgensen
jjorgens@bdsinc.com

Reply to:

References:
- security leak in ppp.log file
  - From: Carel Fellinger <cfelling@iae.nl>

Prev by Date: CD Changer setup
Next by Date: TAR.GZ
Previous by thread: security leak in ppp.log file
Next by thread: Re: security leak in ppp.log file
Index(es):
- Date
- Thread