Hashing of usernames in syslog

Erik Klavon erik at eriq.org
Sat Sep 28 23:38:33 UTC 2002


On Sat, Sep 28, 2002 at 11:29:13AM -0700, Russ Allbery wrote:
> Why not just use MD5?  Then you don't have to require SSL; MD5 comes with
> INN already.

Sure.

> I assume the intention is to obfuscate the usernames so that you're not
> storing specific user information but can still associate connections?
> I'm not sure how generally useful this is, in large part because given all
> the information that's logged, it wouldn't be particularly hard to map
> things back to a username again if the person ever posts.  Or just check
> RADIUS logs or the like to see what the IP address maps to.

It's the usernames themselves I'm most concerned with. The usenet
server in question will be performing proxy authentication with a
central authentication system, based on Kerberos. The group which
administers the authentication service is generally against proxy
authentication since it violates the Kerberos security model. I'm
sympathetic to that view, but feel that this service (off-campus
access to usenet, mainly for posting to restricted groups in the ucb.*
hierarchy), if made secure, warrants an exception. The usernames are
generally official student or employee id numbers, which adds to the
concern. This isn't a major vulnerability, but something I was
thinking about as part of the entire approach to securing the server.

Erik

-- 
erik         | "It is idle to think that, by means of words, | Maurice
  kl at von     | any real communication can ever pass | Maeterlinck
    eriq.org | from one [human] to another." | Silence
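
The hashing discussed in this thread, sketched as an added example (not code from INN or from either poster): usernames in log lines are replaced by MD5 tokens, so connections can still be associated without storing the ID. The log line layout, the function names and the keyed (HMAC) variant with its key are assumptions made for illustration.

```python
import hashlib
import hmac
import re

# Constructed sample lines; the layout is illustrative, not real INN output.
SAMPLE_LOG = [
    "Sep 28 11:02:14 news nnrpd[4121]: host1.example.net user 12345678",
    "Sep 28 11:05:40 news nnrpd[4130]: host2.example.net user 87654321",
    "Sep 28 11:09:03 news nnrpd[4142]: host3.example.net user 12345678",
]

# The username is the last field, directly after the literal " user ".
USER_FIELD = re.compile(r"(?<= user )(\S+)$")


def md5_token(username):
    """Unkeyed MD5 of the username, as suggested in the thread."""
    return hashlib.md5(username.encode("utf-8")).hexdigest()


def keyed_token(username, key):
    """HMAC-MD5 variant (assumption, not from the thread).

    An unkeyed digest of an ID number can be recomputed by anyone who
    knows or guesses the ID; a server-side key means the token can only
    be reproduced by someone who also holds the key.
    """
    return hmac.new(key, username.encode("utf-8"), hashlib.md5).hexdigest()


def pseudonymize(lines, tokenizer):
    """Replace the username field of each line with its token."""
    return [USER_FIELD.sub(lambda m: tokenizer(m.group(1)), line)
            for line in lines]


def correlate(lines):
    """Group connecting hosts by token, without seeing any username."""
    groups = {}
    for line in lines:
        fields = line.split()
        groups.setdefault(fields[-1], []).append(fields[-3])
    return groups


if __name__ == "__main__":
    for line in pseudonymize(SAMPLE_LOG, md5_token):
        print(line)
```

Hashing only the username field leaves the host and timestamp in place, so the other logged information mentioned in the quoted reply is untouched by this step.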


More information about the inn-workers mailing list