You are not logged in.

Plain Text Passwords logged by Supervision Server

Dear visitor, welcome to Palo Community Forum. If this is your first visit here, please read the Help. It explains in detail how this page works. To use all features of this page, you should consider registering. Please use the registration form, to register here or read more information about the registration process. If you are already registered, please login here.

skitzandroid

Trainee

  • "skitzandroid" started this thread

Posts: 1

Date of registration: Nov 2nd 2011

  • Send private message

1

Wednesday, November 2nd 2011, 1:26am

Plain Text Passwords logged by Supervision Server

Hi All,

We recently discovered that our Supervision Server is logging and displaying plain text passwords.

Since we are using LDAP integrated authentication, we cannot go live with this kind of security risk, given that anyone could use this application to harvest passwords.

I would like to know:
  • Why does Palo log plain text passwords?
  • How do we disable this function so that Palo will not accept or log plain text passwords

Any help would be greatly appreciated.

tish1

Sage

Posts: 761

Date of registration: Jul 13th 2009

Location: Vienna / Austria

Occupation: Senior Consultant @ Vector SW DV GmbH

  • Send private message

2

Thursday, November 3rd 2011, 9:53pm

Hi,

securing Palo's data files was on the agenda for 3.3. Maybe they took care of SVS as well ...

Regards.
Robert Tischler
Senior Consultant Vector SW DV GmbH

Similar threads

Used tags

password, security, supervision

Rate this thread