> -----Original Message-----
> From: Bill [mailto:[EMAIL PROTECTED]]
> 
> Is there a way to log these failed auth attempts?  It'd be nice to 
> also have the option of logging what was entered as the password
> for failed auths. (only for failed auths, not for successfull 
> auths too).
> 
There is a security issue with this; some of the failed attempts will be typos from 
the legitimate user, so the password will be "almost" correct. Which means that the 
logfile is as sensitive info as the password file. This might not be a problem for 
you, but in many cases it is.

/Ingvar
Ericsson Radio Systems AB
Center for Wireless Internet Integration 
P.O. Box 1885, Teknikringen 8, S-581 17  Linköping, Sweden
Phone +46 13 32 22 87
Mobile +46 70 321 3395
Fax     +46 70 617 3395
mailto: [EMAIL PROTECTED]

˙
Archive at http://www.thesite.com.au/~radiator/
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.

Reply via email to