Path: utzoo!attcan!uunet!tut.cis.ohio-state.edu!network!ucsd!rutgers!phri!roy
From: roy@phri.UUCP (Roy Smith)
Newsgroups: comp.unix.wizards
Subject: Re: Unix network security (was "CERT Internet Security Advisory")
Message-ID: <3942@phri.UUCP>
Date: 17 Aug 89 23:34:00 GMT
References: <3855@fy.sei.cmu.edu> <1064@accuvax.nwu.edu>
Reply-To: roy@phri.UUCP (Roy Smith)
Organization: Public Health Research Inst. (NY, NY)
Lines: 22

In <1064@accuvax.nwu.edu> phil@delta.eecs.nwu.edu (William LeFebvre) writes:
> When /bin/login knows it is processing a remote login, why can't it
> check the hostname against a list of "allowed" hosts?

I can't find any problems with William's suggestion, but would add one more idea. Before allowing a shot at a username/password, require a network access password. The same thing could be done for dial-up access, but this is less of a problem. This password would be picked by the system administrator, (theoretically) ensuring that it wasn't an obvious one, like lusers tend to pick. This is not a new idea, but seems to be implemented only in very security-conscious sites; perhaps it should be the default way vendors ship their systems. Multiple failures to get the network access password right should be logged in the system security log.

Actually, I can find one problem with William's suggestion. Just like people tend to pick poor passwords, I suspect many people would put "*" in their .netaccess files, effectively defeating the whole idea.
--
Roy Smith, Public Health Research Institute
455 First Avenue, New York, NY 10016
{att,philabs,cmcl2,rutgers,hombre}!phri!roy -or- roy@alanine.phri.nyu.edu
"The connector is the network"
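The two mechanisms discussed in the thread (an allowed-hosts list for remote logins, and a network access password whose repeated failures are logged), as an added example that is not code from the post or from any Unix login program. The `.netaccess` line format (one host pattern per line, `#` comments, `*` meaning any host), the `wildcard_entries` auditor that flags the "*" entries Roy expects people to add, and the `AccessGate` class are all my assumptions.

```python
"""Audit a .netaccess-style allowed-hosts list and gate remote logins."""
import hmac
from collections import Counter
from fnmatch import fnmatch

# Constructed sample .netaccess file (format assumed, see lead-in).
SAMPLE_NETACCESS = """\
# hosts allowed to log in to this account over the network
alanine.phri.nyu.edu
*.phri.nyu.edu
*          # added 'for convenience': defeats the whole idea
"""

def parse_netaccess(text):
    """Return host patterns with comments and blank lines stripped."""
    patterns = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if line:
            patterns.append(line)
    return patterns

def wildcard_entries(patterns):
    """Entries that admit every host (the '*' problem); an auditor should flag these."""
    return [p for p in patterns if p.strip("*.") == ""]

def host_allowed(hostname, patterns):
    """Case-insensitive glob match of the (already resolved) peer hostname."""
    hostname = hostname.lower().rstrip(".")
    return any(fnmatch(hostname, p.lower()) for p in patterns)

class AccessGate:
    """Checks the network access password and records repeated failures per host."""
    def __init__(self, net_password, threshold=3):
        self.net_password = net_password
        self.threshold = threshold
        self.failures = Counter()
        self.security_log = []   # stands in for the system security log

    def attempt(self, hostname, offered):
        # constant-time comparison so timing does not leak the password
        if hmac.compare_digest(offered.encode(), self.net_password.encode()):
            self.failures[hostname] = 0
            return True
        self.failures[hostname] += 1
        if self.failures[hostname] >= self.threshold:
            self.security_log.append(
                f"SECURITY: {self.failures[hostname]} network access password "
                f"failures from {hostname}")
        return False
```

The hostname passed to `host_allowed` is only as trustworthy as the reverse lookup that produced it, so the host list is a second gate alongside the password, not a replacement for it.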