Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Posting-Version: version B 2.10.3 4.3bsd-beta 6/6/85; site well.UUCP
Path: utzoo!linus!decvax!decwrl!amdcad!lll-crg!well!rab
From: rab@well.UUCP (Bob Bickford)
Newsgroups: net.crypt
Subject: Re: foiling password crackers
Message-ID: <668@well.UUCP>
Date: Tue, 18-Feb-86 01:34:16 EST
Article-I.D.: well.668
Posted: Tue Feb 18 01:34:16 1986
Date-Received: Wed, 19-Feb-86 07:28:22 EST
References: <1075@decwrl.DEC.COM>
Organization: Whole Earth Lectronic Link, Sausalito, CA
Lines: 32

In article <1075@decwrl.DEC.COM>, moroney@jon.DEC (Mike Moroney) writes:
> 
> >Turning off the ability to successfully login on a dialup line (even
> >only for awhile) seems like a good way to allow password crackers
> >to tangle up enough dialup lines to make it hard for legit users
> >to log in.  There are people who would just love doing things like
> >that just to cause trouble.
> 
> With many phone systems they can do this anyway, the called line is NOT
> released until the CALLER hangs up.  All such a person needs to do on such
> a system is call the modem and leave his phone off the hook.  If you are
> curious if your phone system is like this, try the following:
> 1) Call a friend.
> 2) Have friend hang up.  You do not hang up.

  At this point, you forgot to say "wait at least 30 seconds".  Many phone
systems will 'hold' the line for a few seconds, to avoid glitches (read:
disconnections) in the case of a bad line.  I believe this works for both
the caller and the receiver (but am not sure).
  Then, resuming with Mike's instructions:

> 3) Have friend pick up his receiver again.
> 4) If you are still connected, you have this type phone system.
> 
> This will not work with long distance.
> 


       Robert Bickford     (rab@well.uucp)
================================================
|  I doubt if these are even my own opinions.  |
================================================