Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!sdd.hp.com!news.cs.indiana.edu!iuvax!mikes
From: mikes@iuvax.cs.indiana.edu (Michael Squires)
Newsgroups: comp.unix.sysv386
Subject: Re: SCO's C2 came to the rescue!!!
Summary: was the threat real?
Keywords: security
Message-ID: <77408@iuvax.cs.indiana.edu>
Date: 10 Dec 90 14:17:24 GMT
References: <36@unigold.UUCP>
Organization: Indiana University, Bloomington
Lines: 22

In article <36@unigold.UUCP> lance@unigold.UUCP (Lance Ellinghouse) writes:
>
>Thus we concluded that someone was TRYING to break in to our
>system but gave up after being locked out after a few tries
>each day... 

I had the same thing happen to me this summer; the problem was that the
system was not connected to anything at all (other than the console
display) and no one had logged in since the last boot.  The security
system had been corrupted by something within the system itself.

I understand that this problem has been fixed by the UFA/UFB fixes but
it did not leave me with a warm furrry feeling....

I have no doubt that C2 security is required in some applications; what
bothers me is not being able to turn off major portions of it when they
are not required.
-- 

Mike Squires (mikes@iuvax.cs.indiana.edu)     812 855 3974 (w) 812 333 6564 (h)
mikes@iuvax.cs.indiana.edu          546 N Park Ridge Rd., Bloomington, IN 47408
Under construction: mikes@sir-alan@cica.indiana.edu