Path: utzoo!utgpu!watmath!clyde!att!cbnews!lvc From: lvc@cbnews.ATT.COM (Lawrence V. Cipriani) Newsgroups: comp.unix.wizards Subject: Re: My guide to fascist syslogging (or how I caught the internet worm) Message-ID: <2428@cbnews.ATT.COM> Date: 2 Dec 88 13:36:04 GMT References: <1326@helios.ee.lbl.gov> <1988Nov30.170027.15960@utzoo.uucp> Reply-To: lvc@cbnews.ATT.COM (Lawrence V. Cipriani) Organization: AT&T Bell Laboratories Lines: 12 In article <1988Nov30.170027.15960@utzoo.uucp> henry@utzoo.uucp (Henry Spencer) writes: >But be careful that your logs are secure. It is a verifiable fact that >people sometimes type passwords instead of login names, due to slow response >or confusion or etc. Good point. In the login logging I wrote the login name is recorded only if it is a legal login name, other wise "unknown" is recorded. This is done for precisely the reason you gave. -- Larry Cipriani, AT&T Network Systems, Columbus OH, Path: att!cbnews!lvc Domain: lvc@cbnews.ATT.COM