Sam Fourman Jr. wrote: >> Is there a way to login the passwords that were used in the bruteforce >> attack? > > I am siting trying to come up with a good reason why you would give a > damn what passwords they tried? > > I mean for the most part they are scripts trying to BRUTE your ssh port > anyhow.
Not only that, if you read any history of Unix's early days you should come across some instructive stories as to why logging the passwords of failed attempts is now generally considered a really bad idea. Basically has something to do with that between all the garbage from brute force attempts you'll find entries of legitimate attempts with small typos in the password. Suddenly your log file has become really dangerous. --Jon Radel [demime 1.01d removed an attachment of type application/x-pkcs7-signature which had a name of smime.p7s]
