[horde] Clarification of "User is not authorized for imp"

lst_hoe02 at kwsoft.de lst_hoe02 at kwsoft.de
Tue Jul 30 15:41:40 UTC 2013


Quoting Ralf Lang <lang at b1-systems.de>:

> On 30.07.2013 16:47, Kareem Dana wrote:
>> It is at the emergency level here and on my FreeBSD machine that also logs
>> to the system console which is quite annoying but I can change that with
>> syslog.
>>
>> I believe, at least on my site, this will generate a lot of false positives
>> and it gives me no information that httpd-access.log doesn't give me
>> already since the log is generated right when a user connects to
>> "/horde/imp" before attempting to even log in.
>>
>> We will see though - I don't think a DoS would be a big problem. Worst case
>> is that that specific log message fills the horde logs and syslog
>> rotates them more often. My concern is that if the goal of this log message
>> is to alert the administrator of a potential attack but it also logs so
>> many false positives it just may not be that useful of a log message as it
>> stands now. I will deploy this new version soon and see how it looks though.
>>
>> Thanks,
>> Kareem
>
> If you are concerned about DoS, you can configure temporary login
> locking after several failed attempts in the admin/horde/auth tab.

No, these are not real login attempts but simply clients (mostly
iCal/CalDAV/ActiveSync) trying all kinds of URLs despite the fact that
they are not logged in anymore.

Regards

Andreas
