Path: utzoo!attcan!uunet!mcsun!ukc!dcl-cs!gdt!gdr!exspes
From: exspes@gdr.bath.ac.uk (P E Smee)
Newsgroups: comp.unix.wizards
Subject: Re: What should the password/security/userinfo/login system include?
Message-ID: <1989Dec18.120726.13883@gdt.bath.ac.uk>
Date: 18 Dec 89 12:07:26 GMT
References: <4180@sbcs> <1989Dec7.172233.10130@chinet.ch>
Reply-To: exspes@gdr.bath.ac.uk (P E Smee)
Organization: University of Bristol c/o University of Bath
Lines: 15

In article <1989Dec7.172233.10130@chinet.ch> les@chinet.chi.il.us (Leslie Mikesell) writes:
>I want logging of *all* keystrokes during a failing attempt at logging
>in (more to allow me to help with the problem, but it would also
>help detect intruders).

DO MAKE SURE not to make your logfile publicly readable, or you'll have
created an even bigger security hole.  Even if you only collect the
response to the login: prompt, one of the favourite user errors is to
get out of sync with login, and to type their password when the system
is expecting their login name.  In that case, they usually get back into
sync, and so the response to the next login: prompt is usually the
username which belongs to that password.

--
Paul Smee, Univ of Bristol Comp Centre, Bristol BS8 1TW, Tel +44 272 303132
Smee@bristol.ac.uk :-) (..!uunet!ukc!gdr.bath.ac.uk!exspes if you MUST)
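An added example, not part of the original post or thread: one way to keep a failed-login log from becoming the hole described above, by replacing any typed name that is not a real account before it is written and by forcing the log file to owner-only permissions. The function names, the account list and the sample attempts are assumptions constructed for the illustration.

```python
import os
import stat
import tempfile

# Constructed sample: (time, tty, text typed at the "login:" prompt) for failed attempts.
# The first entry is a password typed out of sync; the second is the matching username.
SAMPLE_ATTEMPTS = [
    ("12:01:10", "tty03", "hunter2secret"),
    ("12:01:25", "tty03", "alice"),
]
KNOWN_USERS = {"alice", "root"}  # assumed account list for the example


def redact_failed_logins(attempts, known_users):
    """Replace any typed name that is not a real account with a placeholder,
    so a password typed at the login: prompt never reaches the log."""
    return [(ts, tty, name if name in known_users else "<unknown>")
            for ts, tty, name in attempts]


def write_private_log(path, records):
    """Append records to a log that only its owner can read or write."""
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_APPEND, 0o600)
    with os.fdopen(fd, "a") as fh:
        os.fchmod(fh.fileno(), 0o600)  # tighten a pre-existing, looser file too
        for ts, tty, name in records:
            fh.write(f"{ts} {tty} {name}\n")


def log_mode_is_private(path):
    """True when group and other have no access bits on the log file."""
    mode = stat.S_IMODE(os.stat(path).st_mode)
    return mode & (stat.S_IRWXG | stat.S_IRWXO) == 0


if __name__ == "__main__":
    path = os.path.join(tempfile.mkdtemp(), "failed_logins")
    write_private_log(path, redact_failed_logins(SAMPLE_ATTEMPTS, KNOWN_USERS))
    print(open(path).read(), end="")
    print("private:", log_mode_is_private(path))
```

Redacting unknown names gives up some visibility into which account names are being guessed, and a password that happens to equal a valid account name would still be written, so the owner-only file mode remains necessary.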