Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

bugtraq logo Bugtraq mailing list archives

Re: SSHD-1 Logging Vulnerability
From: Florian Weimer <Florian.Weimer () RUS UNI-STUTTGART DE>
Date: Fri, 9 Feb 2001 18:23:07 +0100
jose nazario <jose () SPAM THEGEEKEMPIRE NET> writes:


-          debug("Rhosts authentication failed for '%.100s', remote '%.100s', host '%.200s'.",
+          log_msg("Rhosts authentication failed for '%.100s', remote '%.100s', host '%.200s'.",
                 user, client_user, get_canonical_hostname());


I don't think this patch is a good idea.  If a user accidentally
enters his password in place of his user name, the password will show
up in the log.  That's probably the reason while logging is available
only in the debug mode.  It should be sufficient to log the IP address
of the client trying to authenticate.

--
Florian Weimer                    Florian.Weimer () RUS Uni-Stuttgart DE
University of Stuttgart           http://cert.uni-stuttgart.de/
RUS-CERT                          +49-711-685-5973/fax +49-711-685-5898

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]