Network Security: Detailed info on Re: SSH probe attack afoot?

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security Incidents

[Top] [All Lists]

Re: SSH probe attack afoot?

from [Steve Bonds] Network Security

[Permanent Link]

Subject:	Re: SSH probe attack afoot?
Date:	Mon, 7 Feb 2005 13:48:23 -0800

On Mon, 07 Feb 2005 15:42:32 -0300, Martin Sarsale wrote:

And: does ssh provides this kind of functionality? (I know it could be a
security breach in case you type your root password in uppercase and it
ends on your logs)


It's generally a Bad Idea to log passwords.  This can open you up to
accusations of the US Federal crime of trafficking in passwords, even
if you're just using them internally.  It also allows potentially
malicious users to deflect blame by claiming someone else had their
password.

Check this thread on the OpenSSH mailing list (Oct 20 2004) for
details on logging passwords:

http://marc.theaimsgroup.com/?t=109838679600001

With that said, this post (Oct 22 2004 by Baqrtek Krajnik) provides a
patch to auth-passwd.c to log each password used whether successful or
not.

http://marc.theaimsgroup.com/?l=secure-shell&m=109863906400531

-- Steve

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
SSH probe attack afoot?, Bernie Cosell Re: SSH probe attack afoot?, Martin Sarsale Re: SSH probe attack afoot?, Steve Bonds <= Re: SSH probe attack afoot?, Steven Harrison Re: SSH probe attack afoot?, xyberpix Re: SSH probe attack afoot?, Stephen Warren Re: SSH probe attack afoot?, j@65535.com Re: SSH probe attack afoot?, Barrie Dempster Re: SSH probe attack afoot?, j lake Re: SSH probe attack afoot?, Jeffrey Goldberg Re: SSH probe attack afoot?, Stephen J. Smoogen eBay Account Phishing with eBay Redirect, Steven Exploit on tcp/4128?, Lawrence Baldwin

Previous by Date:	Re: SSH probe attack afoot?, Barrie Dempster
Next by Date:	Re: SSH probe attack afoot?, Steven Harrison
Previous by Thread:	Re: SSH probe attack afoot?, Martin Sarsale
Next by Thread:	Re: SSH probe attack afoot?, Steven Harrison
Indexes:	[Date] [Thread] [Top] [All Lists]