Date: Sun, 15 Dec 1996 17:10:51 -0600 (CST) From: Aleph One <aleph1@dfw.net> To: Terry Lambert <terry@lambert.org> Cc: rb@gid.co.uk, proff@iq.org, security@FreeBSD.ORG, hackers@FreeBSD.ORG Subject: Re: vulnerability in new pw suite Message-ID: <Pine.SUN.3.94.961215170853.28978A-100000@dfw.dfw.net> In-Reply-To: <199612152221.PAA24138@phaeton.artisoft.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, 15 Dec 1996, Terry Lambert wrote: > Try five failed login attempts to telnet on a Sun machine. It delays > (and reports) each failed attempt, and drops the connection (after as > huge delay) after the fifth. Try su on a Solaris machine and if it takes to long hit ^C. The attempt will not be logged. You assume all such attems will be logged and trigger some alarm. You also assume the are trigger on all system that can verify a password. Thats a lot of assumtions. Its easier to cut bad passwords at the source. > Regards, > Terry Lambert > terry@lambert.org > --- > Any opinions in this posting are my own and not those of my present > or previous employers. > Aleph One / aleph1@dfw.net http://underground.org/ KeyID 1024/948FD6B5 Fingerprint EE C9 E8 AA CB AF 09 61 8C 39 EA 47 A8 6A B8 01
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.SUN.3.94.961215170853.28978A-100000>