>
> Howdy,
>
> Got a question... Does the portmaster log failed telnet attempts to the
> radius files? If it doesn't by default is there some way it could be
> coaxed into logging failed attempts? Basically what we want is to log the
> failed attempt, the username and ip the attempt came from and to really
> give us that warm fuzzy feeling we'd like to log the username and
> passwords used.
If you log the passwords you will get incorrect passwords for normal users
accounts, from which it would be a small brute-force space to guess the
correct password. If you have a couple of failed passwords in the logs, it
might even be easy to hand-guess the correct password.
If you log the failed usernames, you might also get passwords. This was
pointed out on a security list.
-- Bob Forsman thoth@gainesville.fl.us http://www.gainesville.fl.us/~thoth/