SUMMARY: username lockout

From: Marc Gibian (gibian%typhoon@stars1.hanscom.af.mil)
Date: Thu Mar 23 1995 - 03:56:54 CST


I have received two main themes of responses...

1. You don't want to do this as it opens up a very simple "denial of
service" attack.

My customer has already decided they prefer the vulnerability to this
attack in favor of protecting against automated attacks against
passwords enabled by leaving an account active after more than a
"reasonable" number of bad-password login attempts.

2. Buy PDC.

I have appended all of the latter responses for your reference.

Thanks everyone for your help,

Marc S. Gibian
Telos Consulting Services phone: (617) 377-6350
PRISM/TFS email: gibian@stars1.hanscom.af.mil

-----------------------------------------------------------------------

PDC, a nation-wide VAR, brings a total solution approach to network
management - one-stop shopping for hardware, software, consulting,
integration, installation, training and services. PDC, with its product
line and essential technical services, has become one of SUN MICROSYSTEMS'
largest VARs in the nation.

PDC has also been on the cutting edge of product development with innovative
software solutions that utilize non-proprietary formats - like BUDTOOL and
BUDTURBO for network data backup and restoration, MIGTOOL for file migration,
BUDTOOL LIVE for backup on active file systems, and DISKINFO to help control
disk usage.

Now you can go to one place for all your network management tools, PDC.
If you would like to know more about PDC and the network tools that we
provide, you may contact me by email or call and I would be happy to
send you additional information and SPECIAL PRICING ON SUN UPGRADES!!

Regards,

Kevin West
PDC SALES
225 Great Road, Suite 205
Littleton, MA 01460
kevin@ma.pdc.com
508-952-0077
508-952-0075 Fax

------------------------------------------------------------------------------

From: Kevin.Sheehan@uniq.com.au (Kevin Sheehan {Consulting Poster Child})
Date: Tue, 21 Mar 1995 12:51:45 EST
To: gibian%typhoon@stars1.HANSCOM.AF.MIL (Marc Gibian)
Subject: Re: username lockout after x unsuccessful login attempts?

[ Regarding "username lockout after x unsuccessful login attempts?", gibian%typhoon@stars1.hanscom.af.mil writes on Mar 20: ]

> How does one configure SunOS 4.1.3 such that after some number of
> unsuccessful attempts to login to a username, that username becomes
> disabled until root intervention? Note that I am limited to software
> that is either part of the Sun distribution or a separate commercial
> product.

ARM/ASET - aka SunShield. The ARM product sets policies like this and number
of concurrent logins and hours &c.

-------------------------------------------------------------------------------

From: Glenn.Satchell@uniq.com.au (Glenn Satchell - Uniq Professional Services)
Message-Id: <9503210910.AA04795@upstage.uniq.com.au>
To: gibian%typhoon@stars1.HANSCOM.AF.MIL
Subject: Re: username lockout after x unsuccessful login attempts?

You can purchase the Sun ARM software which allows you to do this plus
a whole lot more. Not too expensive from memory.

regards,

--
Glenn Satchell                    glenn@uniq.com.au  | There's  a fine  line
Uniq Professional Services Pty Ltd  ACN 056 279 335  | between  fishing  and
PO Box 70, Paddington, NSW 2021, (Sydney) Australia  | standing on the shore
Phone 02 380 6360 Pager 016 287 000 Fax 02 380 6416  | looking like an idiot.
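
-------------------------------------------------------------------------------

The trade-off in point 1 of the summary, shown as an added example (not part of the original thread and not the behaviour of any product named in it): a Python replay of a "lock until root resets" policy over constructed login events. The threshold of 3, the event format and the names used are assumptions made for illustration.

```python
from collections import defaultdict

THRESHOLD = 3  # assumed value of "x"; the thread does not give a number

def replay(events, threshold=THRESHOLD):
    """Replay (source, user, action) events under a lock-until-root-reset policy.

    action is 'bad' (wrong password), 'good' (right password) or
    'unlock' (root re-enables the username).
    Returns (per-event outcomes, guesses actually tested, owner logins refused).
    """
    failures = defaultdict(int)  # consecutive bad passwords per username
    locked = set()               # usernames disabled until root intervenes
    outcomes = []
    guesses_tested = 0           # bad passwords that were really compared
    owner_denied = 0             # correct passwords refused because of the lock
    for source, user, action in events:
        if action == "unlock":
            locked.discard(user)
            failures[user] = 0
            outcomes.append("unlocked")
        elif user in locked:
            # Nothing is compared while locked: guessing stops, and so does the owner.
            if action == "good":
                owner_denied += 1
            outcomes.append("refused-locked")
        elif action == "good":
            failures[user] = 0   # a success clears the consecutive count
            outcomes.append("ok")
        else:
            guesses_tested += 1
            failures[user] += 1
            if failures[user] >= threshold:
                locked.add(user)
                outcomes.append("fail-now-locked")
            else:
                outcomes.append("fail")
    return outcomes, guesses_tested, owner_denied

# Constructed sample: five bad passwords from a remote source, then the owner.
EVENTS = [
    ("remote", "alice", "bad"), ("remote", "alice", "bad"),
    ("remote", "alice", "bad"), ("remote", "alice", "bad"),
    ("remote", "alice", "bad"),
    ("console", "alice", "good"),    # owner, correct password, still refused
    ("console", "alice", "unlock"),  # root intervention
    ("console", "alice", "good"),
]

if __name__ == "__main__":
    print(replay(EVENTS))
```

Only three of the five guesses are ever compared against the password, which is the protection the customer wants; the owner's refused login before root intervention is the denial of service the first group of respondents warned about.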


