[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] another suggestion: security improvements

Subject: Re: [cobalt-security] another suggestion: security improvements
From: Gossi The Dog <gossi@xxxxxxxxxxxxxx>
Date: Fri, 15 Sep 2000 22:53:03 +0100 (BST)

On Fri, 15 Sep 2000, Florian Effenberger wrote:

> Hi,
> 
> I have another suggestion: more security improvements. The admin user
> should get a message (if he enables it), when a
> 
> * POP3
> * telnet
> * su
> * SMTP
> * IMAP
> * FTP
> * WEB/htaccess
> 
> failure logon occurs. Example: someone tries logging in as root/admin
> via telnet with the wrong password -> mail is being sent to the
> administrator.
> 
> Thanks,
> Florian

This is fine, except you are asking for DoS attacks (somebody runs a brute
force program against telnet and you'd have a massive root mailbox).

I'd rather Cobalt made a section in the Admin interface to view the log 
files, and filter them for things like failed logins.  One could only
wish.

References:
- [cobalt-security] another suggestion: security improvements
  - From: Florian Effenberger

Prev by Date: Re: [cobalt-security] wish to Cobalt: using the most actual versions
Next by Date: Re: [cobalt-security] suggestion: chmod the files
Previous by thread: Re[2]: [cobalt-security] another suggestion: security improvements
Next by thread: [cobalt-security] suggestion: chmod the files

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index