Login functionality

Charles Winebrinner cwinebrinner at lmtc.net
Wed Feb 18 00:23:47 PST 2004


How are you planning on implementing the remote logging?  I currently
have some of my logs sent to another computer on my LAN using syslog,
but I also know that this method is somewhat insecure.  Sending the
logs to a remote computer without storing them to the local hard drive
would definitely have it's advantages, as long as they are sent in a
secure manner and the security of the remote computer is also good.

---
Charles Winebrinner
cwinebrinner at lmtc.net

-----Original Message-----
From: hlfs-dev-bounces at linuxfromscratch.org
[mailto:hlfs-dev-bounces at linuxfromscratch.org]On Behalf Of
ken_i_m at elegantinnovations.net
Sent: Wednesday, February 18, 2004 1:49 AM
To: Hardened LFS Development List
Subject: Re: Login functionality



On Wed, Feb 18, 2004 at 12:50:22AM -0600, Charles Winebrinner
(cwinebrinner at lmtc.net) wrote:
>        But, for instance, if it's a system with a lot of users and someone
> somehow gains access to the log, then that could be a major problem,
> because there are a lot of people that use the same password for
everything.
> If the hacker can associate their usernames on the machine to external
> accounts, then he will have complete access to all of their other
accounts.

Getting users to follow good password practice is a _hard_problem_.  In
the large user scenario you describe a solution I will be looking at
"real soon now" is remote logging.  Though my motivation is to reduce
log monitoring overhead it will have the fringe benefit of reducing the
risk of unauthorized log access.

> BTW, sorry if this message isn't formatted properly.

Looks OK here.  Thanks.
--
I think, therefore, ken_i_m
Chief Gadgeteer, Elegant Innovations
Founder, Bozeman Linux Users Group
(406) 581-0495
--
http://linuxfromscratch.org/mailman/listinfo/hlfs-dev
FAQ: http://www.linuxfromscratch.org/faq/
Unsubscribe: See the above information page





More information about the hlfs-dev mailing list