It depends on your Unix vendor; for instance, Red Hat Linux 6.2 by default
gives 600 as the default permissions for the maillog/messages files.
--Steve
-----Original Message-----
From: Ryan J Nichols [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, July 18, 2000 6:31 PM
To: [EMAIL PROTECTED]
Subject: maillog security with vchkpw ?
While one of my users was being brute force password guessing attacked, I
noticed the following:
Jul 17 01:32:56 kungfoo vpopmail[8190]: vchkpw: password fail [morgan] [kiss] from 209.107.42.5
Jul 17 01:32:57 kungfoo vpopmail[8192]: vchkpw: password fail [morgan] [innovative] from 209.107.42.5
Is it good to show failed passwords in the maillog? What if someone typos?
Someone could easily guess the correct password.
by default: -rw-r--r-- 1 root root 5036326 Jul 18 15:21 /var/log/maillog
I took the read bit off world of course, but I don't know if it's good to be
broadcasting attempted passwords in a by-default readable file?
Ryan
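
Added example, not part of the original thread and not vpopmail's own code: a Python sketch of the two checks discussed above, redacting the attempted-password field from `vchkpw: password fail` lines while still counting failures per source, and testing whether a log file has the world-read bit set. The log lines are constructed in the format quoted above; the host name, users, passwords and addresses are placeholders, and the function names are hypothetical.

```python
import os
import re
import stat
from collections import Counter

# Format taken from the log lines quoted in the thread:
#   ... vchkpw: password fail [user] [attempted password] from IP
# The password group is greedy so a ']' inside the password is still covered.
FAIL_RE = re.compile(
    r"^(?P<head>.*vchkpw: password fail \[(?P<user>[^\]]*)\] )"
    r"\[(?P<pw>.*)\](?P<tail> from (?P<ip>\S+))\s*$"
)

# Constructed sample lines (placeholder passwords, documentation IP range).
SAMPLE_LOG = [
    "Jul 17 01:32:56 mailhost vpopmail[8190]: vchkpw: password fail [morgan] [guess1] from 192.0.2.10",
    "Jul 17 01:32:57 mailhost vpopmail[8192]: vchkpw: password fail [morgan] [gue]ss2] from 192.0.2.10",
    "Jul 17 01:33:40 mailhost vpopmail[8201]: vchkpw: password fail [alice] [Secret1@] from 192.0.2.77",
    "Jul 17 01:34:02 mailhost sendmail[8210]: unrelated line",
]

def redact(line):
    """Return the line with the attempted password replaced; other lines unchanged."""
    m = FAIL_RE.match(line)
    if not m:
        return line
    return f"{m['head']}[REDACTED]{m['tail']}"

def failures_by_source(lines):
    """Count failed logins per (source IP, user) without keeping the passwords."""
    counts = Counter()
    for line in lines:
        m = FAIL_RE.match(line)
        if m:
            counts[(m["ip"], m["user"])] += 1
    return counts

def world_readable(path):
    """True if the 'other' read bit is set, as in the -rw-r--r-- listing."""
    return bool(os.stat(path).st_mode & stat.S_IROTH)

if __name__ == "__main__":
    for line in SAMPLE_LOG:
        print(redact(line))
    for (ip, user), n in failures_by_source(SAMPLE_LOG).most_common():
        print(f"{n} failed logins for {user} from {ip}")
```

The third constructed line stands for the typo case raised above: a near-miss of a real password is exactly what a reader of the unredacted log would learn.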