new password idea
Jesse R. Buckley, Jr.
sct60a.sunyct.edu!buck at sct60a.sunyct.edu
Fri Apr 26 05:40:26 AEST 1991
On Apr 24, 17:06, Steven Bellovin wrote:
} Subject: Re: new password idea
} In article <1991Apr24.004539.3881 at mp.cs.niu.edu>, bennett at mp.cs.niu.edu (Scott Bennett) writes:
} }
} } On some of our non-UNIX systems we use a security package that has
} } another useful feature: after a certain number of bad passwords are
} } given consecutively for a logonid, the logonid is suspended. No
} } further access is allowed for that logonid until someone with authority
} } to reactivate it has become involved. While this in itself offers
} } an avenue for abuse
}
} Yup -- it's a great way to lock out the system administrators when
} you're ready to do some serious monkey business. Or you can lock out
} anyone else you don't like. This is known as a denial-of-service
} attack.
}-- End of excerpt from Steven Bellovin
I love this. Basically this is a way to show the 'brown shirts' that the
fancy special accounting they have set up can be just as much of a problem to
them as well...
--
-Buck (buck at sct60a.sunyct.edu)
"So this is a leap second?" -- Me at 6:59:60 pm on Mon Dec 31, 1990
More information about the Comp.unix.wizards
mailing list