[LEDE-DEV] [PATCH] dropbear: make syslog support configurable
Petr Štetiar
ynezz at true.cz
Sat Nov 4 02:14:17 PDT 2017
Hans Dedecker <dedeckeh at gmail.com> [2017-11-03 13:46:14]:
Hi,
> By default dropbear logs to syslog which discloses info about account names
> when doing connection attempts (e.g. "Bad password attempt for 'engineer'
> from x.x.x.x:y")
I don't get it, syslog discloses this information to whom and how?
> As this facilitates brute force attempts against account names;
So instead of preventing this brute force attempts, you'll just ignore them
now? I'm wondering how is the brute forcing easier with syslog logging.
> make syslog support configurable in order not to leak sensitive info via
> syslog.
I think, that those are nice warning messages, reminding you, that you're
doing it wrong:
1. You should use pubkey auth.
2. You should limit access to your network services.
-- ynezz
More information about the Lede-dev
mailing list