From owner-freebsd-questions Thu Feb 25 18:31:20 1999 Delivered-To: freebsd-questions@freebsd.org Received: from fir.calcasieu.com (fir.calcasieu.com [209.99.46.67]) by hub.freebsd.org (Postfix) with ESMTP id 46F6514E8C for ; Thu, 25 Feb 1999 18:31:17 -0800 (PST) (envelope-from sysop@calcasieu.com) Received: from ns (cruft.austin.calcasieu.com [192.168.170.124]) by fir.calcasieu.com (8.8.8/8.8.8-2.0) with SMTP id UAA24183 for ; Thu, 25 Feb 1999 20:31:00 -0600 (CST) Message-Id: <3.0.5.32.19990225203100.008c9bf0@mail> X-Sender: sysop@mail X-Mailer: QUALCOMM Windows Eudora Light Version 3.0.5 (32) Date: Thu, 25 Feb 1999 20:31:00 -0600 To: From: Don Read Subject: Re: Security question Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG (missed the cc, sorry) >Date: Thu, 25 Feb 1999 20:30:00 -0600 >To: Alan Weber >From: Don Read >Subject: Re: Security question >In-Reply-To: <19990225195931.A14743@austin.rr.com> >References: <19990225162636.A46163@wopr.caltech.edu>; from Matthew Hunt on Thu, Feb 25, 1999 at 04:26:36PM -0800> <913B8C252194D2119BD500805F3181789704F6@za12nt02.mweb.com> <19990225162636.A46163@wopr.caltech.edu> > >back on 07:59 PM 2/25/99 -0600, you said: >>On Thu, Feb 25, 1999 at 04:26:36PM -0800, Matthew Hunt wrote: >>--> On Thu, Feb 25, 1999 at 09:23:03PM +0200, Langa Kentane wrote: > > > >>--> > lockout an account after a certain number of unsuccessful logons. >>--> >>--> I don't know offhand how to do that, but one thing to keep in >>--> mind is that if you lock out a user because of too many unsuccessful >>--> logins, then anybody can deny service to one of your users by >>--> logging in unsuccessfully. > > > >> >> I would prefer to have the system insert an increasing delay that grows to 60 seconds or some configurable value with a decay to zero after a while. I still think that having a secure cryptic password should be adequate. One useful feature would be to add password policies to FreeBSD. Min length/format/etc. >> > >Agreed, SCO & DG/UX have it. Bad password ? go to sleep for 10 seconds. > >Or no lock-outs on UID zero accounts. > >Regards, -- Don Read sysop@calcasieu.com EDP Manager dread@texas.net Calcasieu Lumber Co. Austin TX - There cannot be a crisis next week. My schedule is already full. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message