Record Failed Passwords

[Alan Neville]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


On 20/07/2010 23:10, Bob Proulx wrote:
> Keisial wrote:
>>  Bob Proulx wrote:
>>> Alan Neville wrote:
>>>> I am emailing you to ask is it possible to record failed passwords
>>>> attempts and log them to syslog? Are there patches available for this?
>>
>>> My logs are always filled with cracking attempts to log in but failing
>>> the password.  The past couple of months the distributed attacks have
>>
>> I think he wants the actual passwords, Bob.
> 
> Oh!  When I read "record failed passwords attempts" I read it as
> "record failed password attempts".  No matter what I think the grammer
> there is a little ambiguous.  And logging actual passwords isn't
> normally good since normally user passwords shouldn't be stored.  But
> I understand that if you are setting up a honeypot or studying attacks
> then it is one way to observe the cracking behavior.

Indeed this is a honeypot. Can anyone provide information on where such
patches are available?

> 
> Bob
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev at mindrot.org
> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev

- -- 

Alan Neville,
Postgraduate Education Officer,
DCU Students' Union 2009/2010,
BS.c Computer Applications DCU (Completed)
MS.c Security and Forensics DCU (Attending)

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEcBAEBAgAGBQJMRjpXAAoJEJ1FG8f8UuluR8kIAJAqHfrENE9kKbTZ8ON7GwkW
TjE+JS1ThrJeXK8wgloZVp8CcvmGghLlz2MunYqVeXtzyq7TMSXXMZNT2RQXk7Wc
i/A47PTW6PPAGv96x+UldG9cbUetHdekEgEKpj9ZBKesSAQ8TlAwISKVUdEgbxwS
f/iNJtW+lw/HTbOUOkG5bcUQwAqunaMYDL7iD8h/wWZ3l89Rx2cF9vaiCpw8YJr1
Eri/045XLWmVITrIoVFHpqvP2KtWLUjwGQwX1VR/eFJcgnzdjhOlaaRMSv01Vci9
NTcZn0ju6qDSvg1wOGBPdzOJXQgJ5d7wcGcYUtOz0QPDEdad9Dh+cCd/xmXWl+k=
=22SH
-----END PGP SIGNATURE-----