Password choices
PAAAAAR%CALSTATE.BITNET at cunyvm.cuny.edu
PAAAAAR%CALSTATE.BITNET at cunyvm.cuny.edu
Thu Jul 21 13:32:19 AEST 1988
(Root Boy) Jim Cottrell <rbj at icst-cmr.arpa>
writes
>Note: DO NOT log the attempted password! At least not to a file......
>.....
Yes - if its in a file, and the system is cracked it can be be removed,
and (if the cracker is clever) all trace of the breakin lost.
The place for this info is a permanent WOM (Write Only Memory) - I prefer
a priniting console type device, with TWO copies, locked up in the
machine room, Because if anyone gets physically to the powerswitch
you are wide open any way, soo leaving a paper record there makes littl
difference.
I have detected and analysed three attempts at cracking our system. We
could prove that it was a local hischooler who had once taken a BASIC
class on Campus...using the console log.
>? [...what to do with multiple login attempts...]
>A more fiendish approach is to set a flag after three attempts...
In May 1986 I published an article in the Communications of The
Association for Computing Machinary (vol 29, No 5, pp416-417) on
"Novel Security Techniques for Online Systems". In this I suggested
the deliberate creation of a "Negative Security Zone" which is easy to
get into, impossible to get out of (except by logging out) and provably
secure. It has two main purposes:
(1) Advertising
(2) A Hacker Trap for repeated login attempts.
The Unix implementation was carried out by an intern (John where are you??)
and myself. I hacked up a /usr/contrib/sys/login.c program and John wrote
the FREindly SHell (fresh). All guests run under 'fresh' - which is
VERY easy to use (but with NO UNIX functionallity other than mail and
local 'cat').
After three attempts the 'user' is logged in as an 'accidental guest'
with user name 'a', read/write access to /usr/guest (ONLY) running
under /bin/fresh.
Consequence - the naive think they have broken in - and can do know harm.
Users who have forgotten their passwords can mail the system administrator
and beg for help.
Wandering Gurus can make contact and be turned into friends rather than
criminals.
Local crackers/hackers with learn are fed advertising slogans as they
play with the system.
When the port selection hardware forgets things (we get lots of power outages)
the system helps people who are talking to the wrong machine to get
to the right one.
Other refinements - 'root' can not log in. In fact the word 'root'
is never visible to guests. Any attempt to login as root, whether
even with the right password(!) is recorded on paper and rejected.
Access to superuser powers is via 'su' and this has been hacked to
report all 'su's to 'root' - good and bad. WE therefore have a
continuous log of all the times that the system is open to abuse
and who asked to abuse it - again on PAPER.
Another - any 'login' that starts 'login' is spotted, 'help' gives help,
'where' prints out a description of the system and a map, 'when'
runs 'data' as a shell, 'who' runs 'who', 'why' runs 'why' (why not?)...
also we have 'status' as a pseudo login which does a UCB 'w'....
All these 'pseudo-users' are logged in as 'anon' and have a
single (SIMPLE) command as a login shell.
Consequence - No breakins for 2 years - and the number has been
published (714-887-7365) nationally and locally for the most of
that time...
Hum -- I diddn't plan to say all that....
Dick Botting
PAAAAAR at CCS.CSUSCC.CALSTATE(doc-dick)
paaaaar at calstate.bitnet
PAAAAAR%CALSTATE.BITNET@{depends on the phase of the moon}.EDU
Dept Comp Sci., CSUSB, 5500 State Univ Pkway, San Bernardino CA 92407
Disclaimer: I am an only an egg
More information about the Comp.unix.questions
mailing list