[horde] Clarification of "User is not authorized for imp"

Michael J Rubinsky mrubinsk at horde.org
Tue Jul 30 16:00:25 UTC 2013


Quoting lst_hoe02 at kwsoft.de:

> Zitat von Ralf Lang <lang at b1-systems.de>:
>
>> On 30.07.2013 16:47, Kareem Dana wrote:
>>> It is at the emergency level here and on my FreeBSD machine that also logs
>>> to the system console which is quite annoying but I can change that with
>>> syslog.
>>>
>>> I believe, at least on my site, this will generate a lot of false positives
>>> and it gives me no information that httpd-access.log doesn't give me
>>> already since the log is generated right when a user connects to
>>> "/horde/imp" before attempting to even login.
>>>
>>> We will see though - I don't think a DoS would be a big problem. Worst case
>>> is that that specific log message fills the horde logs and syslog
>>> rotates them more often. My concern is that if the goal of this log message
>>> is to alert the administrator of a potential attack but it also logs so
>>> many false positives it just may not be that useful of a log message as it
>>> stands now. I will deploy this new version soon and see how it looks though.
>>>
>>> Thanks,
>>> Kareem
>>
>> If you are concerned about DoS, you can configure temporary login
>> locking after several failed attempts in the admin/horde/auth tab.
>
> No, these are not real login attempts but simply clients (mostly
> iCal/CalDAV/ActiveSync) trying all kinds of URLs despite the fact
> that they are not logged in anymore.

FWIW, a real ActiveSync client should never access a URL other than
/Microsoft-Server-ActiveSync and this URL should not generate this
error, even if the user is not authenticated yet.
-- 
mike

The Horde Project (www.horde.org)
mrubinsk at horde.org