[horde] Clarification of "User is not authorized for imp"
Ralf Lang
lang at b1-systems.de
Tue Jul 30 15:05:07 UTC 2013
On 30.07.2013 16:47, Kareem Dana wrote:
> It is at the emergency level here and on my FreeBSD machine that also logs
> to the system console which is quite annoying but I can change that with
> syslog.
>
> I believe, at least on my site, this will generate a lot of false positives
> and it gives me no information that httpd-access.log doesn't give me
> already since the log is generated right when a user connects to
> "/horde/imp" before attempting to even login.
>
> We will see though - I don't think a DoS would be a big problem. Worst case
> is that that that specific log message fills the horde logs and syslog
> rotates them more often. My concern is that if the goal of this log message
> is to alert the administrator of a potential attack but it also logs so
> many false positives it just may not be that useful of a log message as it
> stands now. I will deploy this new version soon and see how it looks though.
>
> Thanks,
> Kareem
If you are concerned about dos, you can configure temporary login
locking after several failed attempts in the admin/horde/auth tab.
--
Ralf Lang
Linux Consultant / Developer
Tel.: +49-170-6381563
Mail: lang at b1-systems.de
B1 Systems GmbH
Osterfeldstraße 7 / 85088 Vohburg / http://www.b1-systems.de
GF: Ralph Dehner / Unternehmenssitz: Vohburg / AG: Ingolstadt,HRB 3537
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 263 bytes
Desc: OpenPGP digital signature
URL: <http://lists.horde.org/archives/horde/attachments/20130730/d3eff977/attachment.bin>
More information about the horde
mailing list