/etc/failures
Steven M. Bellovin
smb at ulysses.homer.nj.att.com
Mon Dec 5 01:33:36 AEST 1988
In article <43200055 at uicsrd.csrd.uiuc.edu>, kai at uicsrd.csrd.uiuc.edu writes:
> 1) If a login of a single account name at a single terminal fails 3 times in
> a row within a short period of time, that account is temporarily disallowed
> from logging in on that terminal.
> 2) If a login of a single account at multiple terminals fails 3 times in a
> row, the account is temporarily disallowed from logging in at any terminal.
> 3) If logins of any accounts at a single terminal fails 6 times in a row,
> that terminal is temporarily disabled.
What's a ``terminal'' to be disabled? I'm serious. What you suggest
may or may not have merit in an environment where most access is via
hard-wired lines these days, however, the real threats are via networks
or dial-up connections. Even in a campus environment, many (most?)
folks are using some sort of port selector, front-end switch, Ethernet
TAC, etc. It's rare that any physical port can be associated with a
login attempt.
More information about the Comp.unix.wizards
mailing list