Path: utzoo!utgpu!watmath!clyde!att!rutgers!uwvax!uwslh!jiml
From: jiml@uwslh.UUCP (James E. Leinweber)
Newsgroups: comp.unix.wizards
Subject: Re: /etc/failures
Message-ID: <407@uwslh.UUCP>
Date: 1 Dec 88 17:06:57 GMT
Organization: U of Wisconsin-Madison, State Hygiene Lab
Lines: 12

Logging the number of failed attempts to sign in on an account, and
telling it to the user, is a nice idea.  However, disabling accounts
is itself a more or less well known security problem!  This allows an
intruder to deny service to authorized users by spoofing them enough
times.  If you had servers managed via networks (as opposed to
physical consoles), and the guys in the black hats nailed root and all
your other administrators this way, regaining control of the machines
could be a real chore.
-- 
Jim Leinweber		jiml@uwslh.uucp		jiml%uwslh.uucp@cs.wisc.edu
 ...!{rutgers, ucbvax ...}!uwvax!uwslh!jiml
State Laboratory of Hygiene @ Univ. of Wisconsin - Madison; (608) 262-0736
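
Added example, not part of the original post: a small Python simulation of the trade-off described above, comparing a policy that disables an account after repeated failures with one that only counts failures and reports them at the next successful login. The LoginService class, the lock_after threshold, the messages and the sample password are all assumptions made for illustration.

```python
import hmac
from dataclasses import dataclass, field
from typing import Optional

@dataclass
class Account:
    password: str          # plaintext only to keep the sketch short
    failures: int = 0      # failed attempts since the last successful login
    disabled: bool = False

@dataclass
class LoginService:
    lock_after: Optional[int]   # None = count and report only, never disable
    accounts: dict = field(default_factory=dict)

    def login(self, user, password):
        """Return (ok, message) for one login attempt."""
        acct = self.accounts.get(user)
        if acct is None:
            return False, "Login incorrect"
        if acct.disabled:
            # The correct password no longer matters: the owner is locked out.
            return False, "Account disabled"
        if not hmac.compare_digest(password.encode(), acct.password.encode()):
            acct.failures += 1
            if self.lock_after is not None and acct.failures >= self.lock_after:
                acct.disabled = True
            return False, "Login incorrect"
        # Success: tell the user how many failures were logged, then reset.
        seen, acct.failures = acct.failures, 0
        return True, f"{seen} failed login attempt(s) since last login"

def simulate(lock_after, bad_attempts=5):
    """Constructed scenario: wrong guesses by someone else, then the owner logs in."""
    svc = LoginService(lock_after)
    svc.accounts["root"] = Account(password="constructed-sample")
    for i in range(bad_attempts):
        svc.login("root", f"guess{i}")
    return svc.login("root", "constructed-sample")

if __name__ == "__main__":
    print("disable after 3 :", simulate(lock_after=3))
    print("count and report:", simulate(lock_after=None))
```

With the disabling policy the owner's correct password is refused after the third wrong guess; with count-and-report the owner gets in and is shown the failure count.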