Date: Wed, 11 Nov 1998 15:29:35 -0500 (EST) From: Robert Watson <robert@cyrus.watson.org> To: oortiz@LCSI.COM Cc: freebsd-security@FreeBSD.ORG Subject: Re: Intruder Lockout Message-ID: <Pine.BSF.3.96.981111152714.1143B-100000@fledge.watson.org> In-Reply-To: <3286493681000000@LCSI.COM>
next in thread | previous in thread | raw e-mail | index | archive | help
I have always found the lockout behavior of some operating systems a little upsetting; the opportunity for denying service is quite large, especially to the administrator. On the other hand, the excluding the administrator from lockout behavior of NT doesn't seem desirable quite right either :). Besides which, suppose someone enters the wrong password in the POP or IMAP mail reader -- it may retry the connection several times (if set to check mail often) before the user notices, and lockout can occur quickly in that kind of situation. Probably the best solution is to enforce better passwords, or use of PK-based authentication. Or one-time passwords. On Wed, 11 Nov 1998 oortiz@LCSI.COM wrote: > > Is there anyway to have an Intruder Lockout in FreeBSD? Like if > someone is trying to hack into my system with a certain user account, > and if after 3 to 5 attempts of typing in the wrong password, will the > system lock out the account instead of letting him try again like > Netware does? > > Many Thanks... > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > Robert N Watson Carnegie Mellon University http://www.cmu.edu/ TIS Labs at Network Associates, Inc. http://www.tis.com/ SafePort Network Services http://www.safeport.com/ robert@fledge.watson.org http://www.watson.org/~robert/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.981111152714.1143B-100000>