[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Logging passwords of SSH attacks

On Sat, 17 Jan 2009 11:44:38 +0000
Tzafrir Cohen <tzafrir@cohens.org.il> wrote:

> > people
> > often confuse which password they have to enter where, and thus
> > valid passwords would wander into the logs for malicous people to
> > collect and use at other sites.
> auth.log is only readable to sysadmins.
<sarcasm> oh what a wonderful world </sarcasm>

The only way to prevent misuse of such information is to _not_ _log_

If you really need to satisfy your curiosity hack the sources or look
at 'john' or something like that.


Attachment: signature.asc
Description: PGP signature

Reply to: