Argus-info Digest, Vol 77, Issue 14
Rafael Barbosa
rrbarbosa at gmail.com
Fri Jan 20 03:54:54 EST 2012
I am surprised with how many emails discussing this issue. As all argus
community seems to be giving its opinion, here is mine.
I have to agree with Clauss:
> But, what's done is done... I'd be reluctant to change it... could
> potentially cause issues for some people...
The idea of turning it off with a .rarc option is enough not to disturb the
'I want the raw data' crowd.
Rafael Barbosa
http://www.ewi.utwente.nl/~barbosarr/
2012/1/20 Clauss Strauch <cbs at cs.cmu.edu>
> My two cents:
>
> - If one could go back in time and re-do the decision as to whether to
> obfuscate passwords, the ra clients shouldn't do obfuscation. The
> "expected" default behavior from a program that prints out packet data
> is that it will print out packet data, not that it will redact some data
> based on heuristics.
>
> - But, what's done is done. As Carter said, Argus has done obfuscation
> for over 8 years and people have gotten used to the current behavior.
> I'd be reluctant to change it after so long, especially for something
> where the change could potentially cause issues for some people
> (revealing passwords that were previously hidden).
>
> My vote is to keep the current behavior, but document it heavily.
>
>
> -- Clauss Strauch
>
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://pairlist1.pair.net/pipermail/argus/attachments/20120120/205031f8/attachment.html>
More information about the argus
mailing list