[CentOS] saslauth logging
Jobst Schmalenbach
jobst at barrett.com.au
Wed Apr 26 05:27:42 UTC 2017
On Tue, Apr 25, 2017 at 07:14:56PM -0700, Gordon Messmer (gordon.messmer at gmail.com) wrote:
> On 04/25/2017 07:00 PM, Jobst Schmalenbach wrote:
> > What I want is the IP address and if possible the incorrect password (just to see how far they are off).
> > Is this possible?
>
> I hope not. That's a terrible idea. Every time a user fat-fingers their
> password, your plain-text logs have a copy of their almost-correct password.
>
As always there are tradeoffs ...
I have a reasonable strict password policy, so by looking at the failed passwords I can see how far the tries are off the real thing, so it actually is a good thing for me. Also I learn which passwords are used for cracking, which again is a good thing. As for the logged passwords - this is a non user server, only two people have access ... so reading the logs is difficult for imap/sendmail users in the company ...
J
--
Gravity does not exist, the Earth sucks.
| |0| | Jobst Schmalenbach, jobst at barrett.com.au, General Manager
| | |0| Barrett Consulting Group P/L & The Meditation Room P/L
|0|0|0| +61 3 9532 7677, POBox 277, Caulfield South, 3162, Australia
More information about the CentOS
mailing list