Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Mon, 9 Sep 2002 11:49:57 +0400
From: Solar Designer <solar@...nwall.com>
To: popa3d-users@...ts.openwall.com
Subject: Re: popa3d comments

On Sat, Sep 07, 2002 at 08:53:08AM -0700, popa support wrote:
> I'm using popa3d as part of the OpenBSD 3.1 package. I'm happy with it, but do have a few comment-suggestions.

I do appreciate user feedback, thanks!

> I get a lot of "Authentication failed for UNKNOWN USER" messages, but I have no idea who's trying to access their non-existant account. If I knew who, I could contact them and tell them their account no longer exists or they're using "Fred" for the user name instead of "fred" or something. Better would be "Authentication failed for UNKNOWN USER Fred".

Actually, popa3d tries to be careful to NOT log unknown usernames, --
people often place their passwords for username.

Yes, I am asked to change this once in a while and I might add such an
option, but it will never be default.

> 2. It would be great if the IP address was logged too, i.e. "11.22.33.44 Authentication passed for fred"

It is logged with standalone mode and should be logged by either your
inetd clone or TCP wrappers otherwise.  This is explained in INSTALL.

If it's not logged in OpenBSD default setup, that should be fixed.
(Camiel is on this list.)

> 3. Even for a small system like ours, the mail fetching completely buries anything else in /var/log/daemon which might be interesting. Since mail is such a large part of any system, I think popa3d needs it's own log file: /var/log/pop

This is a local configuration or distribution issue.  I believe the
OpenBSD syslogd is advanced enough to filter by program (ident) even
without them having to pick a unique facility.

> 4. How do I determine the version of popa3d? There's no V command, or connection message, or even text in the executable. It's good to be able to determine this to know about exploits, updates, etc. I want to find this from the executable, not from the source, since not all users have the source.

I agree, this should be added.  Probably a command line option.

-- 
/sd

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.