[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: security leak in ppp.log file

On Thu, Jul 01, 1999 at 01:54:59PM +0200, Carel Fellinger wrote:
> ------------------------------------------------------------------------
> Jun 27 13:30:46 vvs pppd[16671]: rcvd [LCP ConfAck id=0x2 <asyncmap 0x0> <magic 0x1b9a3fac>]
> Jun 27 13:30:46 vvs pppd[16671]: rcvd [LCP ConfReq id=0x28 <mru 1600> <magic 0x682cc4e0> <asyncmap 0x0> <auth pap>]
> Jun 27 13:30:46 vvs pppd[16671]: sent [LCP ConfAck id=0x28 <mru 1600> <magic 0x682cc4e0> <asyncmap 0x0> <auth pap>]
> Jun 27 13:30:46 vvs pppd[16671]: sent [LCP EchoReq id=0x0 magic=0x1b9a3fac]
> Jun 27 13:30:46 vvs pppd[16671]: sent [PAP AuthReq id=0x1 user="my-user-id" password="my-password"]
> Jun 27 13:30:49 vvs pppd[16671]: sent [PAP AuthReq id=0x2 user="my-user-id" password="my-password"]
> 
> and there they are, so what did I do wrong? how to prevent this?
> just ran pppconfig, selected PAP protocol and kept all the default awnsers.
> by the way, I'm still running (mainly) ham (Debian 2.0)
> 
its also annoying as I like to
send all syslogd output to tty12
and so people can see my password


Konstantin
Reply to: