On Wed, 9 Jul 1997, Leigh Porter wrote:
> I am sure squid could easily filter out ftp://usr:passwd@host.tld and
> not log it.
Actually, I'd rather they be left there - it makes it much easier to pick
out when users are doing "naughty" things (eg., "ftp://warez:"), or if the
logs are required as evidence at any time then "full disclosure" makes
tracking and investigation much, much easier/quicker.
Yes, putting logins/IDs into the URL is dumb; yes, it means you have to
secure the area where the logs are stored. That's life...
Cheers..
dave
Received on Wed Jul 09 1997 - 03:49:10 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:35:42 MST