Path: utzoo!utgpu!watmath!clyde!att!rutgers!uwvax!uwslh!jiml
From: jiml@uwslh.UUCP (James E. Leinweber)
Newsgroups: comp.unix.wizards
Subject: Re: /etc/failures
Message-ID: <407@uwslh.UUCP>
Date: 1 Dec 88 17:06:57 GMT
Organization: U of Wisconsin-Madison, State Hygiene Lab
Lines: 12

Logging the number of failed attempts to sign in on an account, and telling it to the user, is a nice idea. However, disabling accounts is itself a more or less well known security problem! This allows an intruder to deny service to authorized users by spoofing them enough times. If you had servers managed via networks (as opposed to physical consoles), and the guys in the black hats nailed root and all your other administrators this way, regaining control of the machines could be a real chore.

--
Jim Leinweber  jiml@uwslh.uucp  jiml%uwslh.uucp@cs.wisc.edu  ...!{rutgers, ucbvax ...}!uwvax!uwslh!jiml
State Laboratory of Hygiene @ Univ. of Wisconsin - Madison; (608) 262-0736