Date: Tue, 11 Feb 2003 02:27:30 -0800 From: David Schultz <dschultz@uclink.Berkeley.EDU> To: Julian Elischer <julian@elischer.org> Cc: hackers@FreeBSD.ORG, des@FreeBSD.ORG Subject: Re: Some "security" questions. Message-ID: <20030211102730.GB2570@HAL9000.homeunix.com> In-Reply-To: <Pine.BSF.4.21.0302101752500.49102-100000@InterJet.elischer.org> References: <Pine.BSF.4.21.0302101752500.49102-100000@InterJet.elischer.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Thus spake Julian Elischer <julian@elischer.org>: > > Our client wants the following 'features' > and we'd LIKE to be able to at least say "yes we can do that", even if > we can also say "but we don't think it's a good idea". > > > 1/ Command logging. We're thinking that a hacked version of the shell > that logs commands may do what they want, but personally I > think that if you are going to log things then you really want to > PROPERLY do it, and log the EXEC commands along with the arguments. > (sadmin et al. doesn't give arguments, and neither does ktrace) > > 2/ they want to disable a login if it fails 'n' sequential logins > anywhere in the system. i.e. 2 on one machine followed by another on > another machine. For #1, I'd try to convince them that process accounting is close enough, and extend process accounting if they disagree. For #2, I'd try to convince them that their threat model is way out of whack and get new clients if they disagree. CapitalOne implemented #2 for their online credit card account management system, and people would launch DOS attacks as you describe by guessing random logins, so customer service learned to change peoples' passwords whenever they asked... To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030211102730.GB2570>