Path: utzoo!utgpu!news-server.csri.toronto.edu!rpi!zaphod.mps.ohio-state.edu!think.com!hsdndev!cmcl2!adm!news
From: sct60a.sunyct.edu!buck@sct60a.sunyct.edu (Jesse R. Buckley, Jr.)
Newsgroups: comp.unix.wizards
Subject: Re: new password idea
Message-ID: <26677@adm.brl.mil>
Date: 25 Apr 91 19:40:26 GMT
Sender: news@adm.brl.mil
Lines: 24

On Apr 24, 17:06, Steven Bellovin wrote:
} Subject: Re: new password idea
} In article <1991Apr24.004539.3881@mp.cs.niu.edu>, bennett@mp.cs.niu.edu (Scott Bennett) writes:
} } 
} }      On some of our non-UNIX systems we use a security package that has
} } another useful feature:  after a certain number of bad passwords are
} } given consecutively for a logonid, the logonid is suspended.  No
} } further access is allowed for that logonid until someone with authority
} } to reactivate it has become involved.  While this in itself offers
} } an avenue for abuse
} 
} Yup -- it's a great way to lock out the system administrators when
} you're ready to do some serious monkey business.  Or you can lock out
} anyone else you don't like.  This is known as a denial-of-service
} attack.
}-- End of excerpt from Steven Bellovin

I love this.  Basically this is a way to show the 'brown shirts' that the
fancy special accounting they have set up can be just as much of a problem to
them as well...

-- 
-Buck (buck@sct60a.sunyct.edu)
"So this is a leap second?" -- Me at 6:59:60 pm on Mon Dec 31, 1990