Personally, I'd be tempted to go the IP lockout route myself since the
patterns should be clear in the logs, but be aware that # megabytes gives a
reasonable level of control because you can set to log rather than lock
out. I think the risk of locking legitimate users is low. Although people
can
On 11/20/14 1:06 PM, Kyle Banerjee wrote:
BTW, you can do some funky things with EZP that include
conditional logic
Can you say more about funky things you can do with EZProxy involving
conditional logic? Cause I've often wanted that but haven't found any!
Are you talking about a particular
I can't remember the details because I haven't worked with EZP for years
and unfortunately, this stuff isn't documented.
Where I used it was in the user.txt file when authenticating. Things you
can do include setting/modifying session, regular EZP, and arbitrary
variables, as well as doing
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Here's some of the relevant documentation of the user.txt expressions Kyle
mentioned. It is possible to set session variables and get them to be
logged - we're doing this with certain Shibboleth attributes for business
analysis. I have not had luck
On Nov 19, 2014, at 11:47 PM, Dan Scott wrote:
On Wed, Nov 19, 2014 at 4:06 PM, Kyle Banerjee kyle.baner...@gmail.com
wrote:
There are a number of technical approaches that could be used to identify
which accounts have been compromised.
But it's easier to just make the problem go away by
Logging user ID's has a benefit if it's used properly (access tightly
controlled to a select group)
If campus ID's are being used by bots to harvest content, it means that you
have users whose credentials are compromised. Whoever obtained this
information also has access to e-mails, student
years.
Josh Welker
-Original Message-
From: Code for Libraries [mailto:CODE4LIB@LISTSERV.ND.EDU] On Behalf Of
Joe Hourcle
Sent: Thursday, November 20, 2014 2:15 PM
To: CODE4LIB@LISTSERV.ND.EDU
Subject: Re: [CODE4LIB] Balancing security and privacy with EZproxy
On Nov 19, 2014, at 11:47
Welker
-Original Message-
From: Code for Libraries [mailto:CODE4LIB@LISTSERV.ND.EDU] On Behalf Of Kyle
Banerjee
Sent: Thursday, November 20, 2014 12:07 PM
To: CODE4LIB@LISTSERV.ND.EDU
Subject: Re: [CODE4LIB] Balancing security and privacy with EZproxy
Personally, I'd be tempted to go the IP
@LISTSERV.ND.EDU] On Behalf Of
Michael Berkowski
Sent: Thursday, November 20, 2014 1:02 PM
To: CODE4LIB@LISTSERV.ND.EDU
Subject: Re: [CODE4LIB] Balancing security and privacy with EZproxy
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Here's some of the relevant documentation of the user.txt expressions
are shared between many systems.
Josh Welker
-Original Message-
From: Code for Libraries [mailto:CODE4LIB@LISTSERV.ND.EDU] On Behalf Of
Kyle
Banerjee
Sent: Thursday, November 20, 2014 12:07 PM
To: CODE4LIB@LISTSERV.ND.EDU
Subject: Re: [CODE4LIB] Balancing security and privacy
Balancing security and privacy with EZproxy
In recent months, we have been contacted several times by one of our
vendors about our databases being accessed by rogue Chinese IP addresses.
With the massive proliferation of online security breaches and password
dumps, attackers are gaining access
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Do you make use of the audit logs? They will log a username along with a
session id enabling you to identify evil sessions by user, but
importantly, the audit logs are purged away at a specified interval. I
think it defaults to 7 days, but you could
Message-
From: Code for Libraries [mailto:CODE4LIB@LISTSERV.ND.EDU] On Behalf Of Joshua
Welker
Sent: Wednesday, November 19, 2014 3:53 PM
To: CODE4LIB@LISTSERV.ND.EDU
Subject: [CODE4LIB] Balancing security and privacy with EZproxy
Balancing security and privacy with EZproxy
In recent months
There are a number of technical approaches that could be used to identify
which accounts have been compromised.
But it's easier to just make the problem go away by setting usage limits so
EZP locks the account out after it downloads too much. Alternatively, just
block the Chinese IP's unless you
: 2014年11月19日 14:53
To: CODE4LIB@LISTSERV.ND.EDU
Subject: [CODE4LIB] Balancing security and privacy with EZproxy
Balancing security and privacy with EZproxy
In recent months, we have been contacted several times by one of our vendors
about our databases being accessed by rogue Chinese IP addresses
On Wed, Nov 19, 2014 at 4:06 PM, Kyle Banerjee kyle.baner...@gmail.com
wrote:
There are a number of technical approaches that could be used to identify
which accounts have been compromised.
But it's easier to just make the problem go away by setting usage limits so
EZP locks the account out
16 matches
Mail list logo