Argus-info Digest, Vol 77, Issue 14

Clauss Strauch cbs at cs.cmu.edu
Thu Jan 19 19:09:03 EST 2012


My two cents:

- If one could go back in time and re-do the decision as to whether to
obfuscate passwords,  the ra clients shouldn't do obfuscation.  The
"expected" default behavior from a program that prints out packet data
is that it will print out packet data, not that it will redact some data
based on heuristics.

- But, what's done is done.  As Carter said, Argus has done obfuscation
for over 8 years and people have gotten used to the current behavior.
I'd be reluctant to change it after so long, especially for something
where the change could potentially cause issues for some people
(revealing passwords that were previously hidden).

My vote is to keep the current behavior, but document it heavily.


           -- Clauss Strauch






More information about the argus mailing list