Subject: Re: logging bad login attempts
To: Luke Mewburn <firstname.lastname@example.org>
From: John F. Woods <email@example.com>
Date: 03/07/1995 19:26:43
> > Make absolutely sure, though, that it's really what you want: logging
> > actual supplied logins is often a great way to offer cleartext passwords
> > to an adversary...
> Which is why you have
> authpriv.* /var/log/secure
> ...,authpriv.none,... /var/log/messages
How many times have we seen CERT reports about Yet Another Sendmail Hole
Allowing People To Read Any File...?
What you don't record can't be stolen.