1. Forum
  2. Usenet Intenat
  3. ALT.BBS.MYSTIC

  • Passwords in node#.log

    From Jay Harris@1:229/2 to All on Monday, June 15, 2020 14:25:43
    From: nospam.Jay.Harris@f664.n229.z1.binkp.net

    Hi All,

    I've never really gone through the logs very much, only if there was a
    problem that needed sorting out. Today happened to be one of those days,
    while combing through node1.log I noticed something interesting:

    ------------------- Node 1 (Mystic v1.12 A45 2020/02/18)
    2020.06.15 14:16:29 Connect from 10.0.1.49 (E7470-9NJCV)
    2020.06.15 14:16:29 Connection by RLogin
    2020.06.15 14:16:29 RLogin user warpslide pass *my password!* term ANSI-BBS 2020.06.15 14:16:29 Set time left 4 TE=860
    2020.06.15 14:16:29 MPL execute: c:\mystic\themes\default\scripts\botcheck.mpx 2020.06.15 14:16:31 Warpslide logged in

    I use RLogin to log into my board, mostly because it's quick, easy &
    supports door games. It seems that RLogin users have their password written
    to the logfile whereas Telnet & SSH users do not:

    ------------------- Node 1 (Mystic v1.12 A45 2020/02/18)
    2020.06.15 14:15:08 Connect from 10.0.1.49 (E7470-9NJCV)
    2020.06.15 14:15:08 Connection by SSH
    2020.06.15 14:15:08 SSH handshake successful
    2020.06.15 14:15:08 Set time left 4 TE=859
    2020.06.15 14:15:08 MPL execute: c:\mystic\themes\default\scripts\botcheck.mpx 2020.06.15 14:15:11 Warpslide logged in

    ------------------- Node 1 (Mystic v1.12 A45 2020/02/18)
    2020.06.15 14:15:28 Connect from 10.0.1.49 (E7470-9NJCV)
    2020.06.15 14:15:28 Connection by Telnet
    2020.06.15 14:15:28 Set time left 4 TE=859
    2020.06.15 14:15:28 MPL execute: c:\mystic\themes\default\scripts\botcheck.mpx 2020.06.15 14:15:35 Warpslide logged in


    Is there a setting somewhere I can turn logging passwords off? I do have the PBKDF2 SHA512 Hash option set, but these logs kind of defeat that purpose.

    Jay

    --- SoupGate-Win32 v1.05
    * Origin: www.darkrealms.ca (1:229/2)
  • From Jay Harris@1:229/2 to All on Monday, June 15, 2020 15:49:49
    From: nospam.Jay.Harris@f664.n229.z1.binkp.net

    On 15 Jun 2020, g00r00 said the following...

    That was a temporary log in that build. It doesn't log in the current builds if you upgrade to the latest at:

    www.mysticbbs.com/downloads/prealpha

    Awesome, looks good now! Thanks!

    ------------------- Node 1 (Mystic v1.12 A46 2020/06/11)
    2020.06.15 15:47:07 Connect from 10.0.1.49 (E7470-9NJCV)
    2020.06.15 15:47:07 Country: Unknown
    2020.06.15 15:47:07 Connection by RLogin
    2020.06.15 15:47:07 RLogin user warpslide term ANSI-BBS
    2020.06.15 15:47:07 Set time left 4 TE=951


    Jay

    --- SoupGate-Win32 v1.05
    * Origin: www.darkrealms.ca (1:229/2)
  • From g00r00@1:229/2 to All on Monday, June 15, 2020 15:07:10
    From: nospam.g00r00@f215.n129.z1.binkp.net

    I use RLogin to log into my board, mostly because it's quick, easy & supports door games. It seems that RLogin users have their password written to the logfile whereas Telnet & SSH users do not:

    That was a temporary log in that build. It doesn't log in the current builds if you upgrade to the latest at:

    www.mysticbbs.com/downloads/prealpha

    --- SoupGate-Win32 v1.05
    * Origin: www.darkrealms.ca (1:229/2)