Subject: re: security/2075
To: None <email@example.com>
From: Elad Efrat <elad@NetBSD.org>
Date: 08/14/2005 20:52:25
I'm about to close this PR for the following reasons:
1. Maybe in 1996 a failed root login was an anomaly; today it's just
2. The proposed fix, or any fix for the outlines ``problem'' in the PR,
would require changes in too many parts of the tree which may not be
desired by most admins.
3. Public keys, disallowing remote root logins in ssh, ftp, are common
4. An attacker trying to brute-force an account password (with or
without a master.passwd), let alone the root password, is very
uncommon; I believe the majority, if not all, of inexperienced
attackers today will attempt to run their arsenal of exploits on a
Experienced attackers will attempt their *private* arsenal of
exploits on a target system. :)
5. Many tools allow specifying log facility and/or priority; if any
modification is to be done at all, and I certainly think that there
should be *no* modification (!), it should be to allow an admin
specify log facility/priority. Changing the default is bad.
6. There are a variety of log monitoring tools and brute-force attack
mitigation methods; if an admin cares enough, there are better
ways to handle with it.
7. Filtering what a specific admin cares about from the logfiles should
be done by log monitoring tools. If an admin does it manually,
probably using ``egrep'', it certainly makes no difference in what
file these logs are in.
And there are plenty more.. :)
PGP Key ID: 0x666EB914