Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!linus!philabs!cmcl2!seismo!gatech!gitpyr!kludge
From: kludge@gitpyr.UUCP (Scott Dorsey)
Newsgroups: net.crypt
Subject: Re: foiling password crackers
Message-ID: <1460@gitpyr.UUCP>
Date: Sun, 23-Feb-86 15:00:59 EST
Article-I.D.: gitpyr.1460
Posted: Sun Feb 23 15:00:59 1986
Date-Received: Wed, 26-Feb-86 05:03:44 EST
References: <100900001@haddock.UUCP> <588@bentley.UUCP> <887@kuling.UUCP> <9281@ucla-cs.ARPA>
Reply-To: kludge@gitpyr.UUCP (Scott Dorsey)
Organization: Georgia College Of Universal Knowledge
Lines: 27

In article <9281@ucla-cs.ARPA> das@ucla-cs.UUCP (David Smallberg) writes:
>Or, if your system can support it, how about this:
>
>     After N bad attempts at guessing a password, voila`!  The penetrator
>succeeds at logging in.  Of course, what he really gets is a special
>shell that logs everything (and notifies the appropriate administrators);
>of course, his userid is not that of any real user.  The special shell looks
>real enough to keep the bad guy occupied for a while (the better to collect
>evidence).  Obvious things to do include giving doctored responses to requests
>to see the password file or to see what programs are available.  Intriguing
>program names or logon ids might keep him interested longer.

   I have seen similar systems with exactly the opposite purpose; they
prompt a user for his account and password, mail the information to a
given user (to pick up later), then give a message saying that the system
is overloaded, and to try again.  Then they log out and the user tries to
log in again, this time successfully.  In fact, I got caught by one of them
a while back.
   Just a short little diversion to say that perhaps they might recognize
their own methods.
-------
Disclaimer: Everything I say is probably a trademark of someone.  But
            don't worry, I probably don't know what I'm talking about.

Scott Dorsey
ICS Programming Lab, Georgia Institute of Technology, Atlanta Georgia, 30332
...!{akgua,allegra,amd,hplabs,ihnp4,seismo,ut-ngp}!gatech!gitpyr!kludge
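
The decoy login quoted at the top of this post, sketched as an added example that is not part of the original article or of either poster's code: after N bad guesses a source is handed a fake shell that logs every command, alerts the administrators, and returns doctored answers. The names `LoginGate`, `DecoySession`, `DOCTORED`, the value N = 3, the fake userid and all canned replies are constructed for illustration.

```python
import hmac
import time

MAX_BAD = 3            # assumed value for the post's "N"
DECOY_USER = "guest7"  # constructed id; must not match any real account

# Constructed, doctored replies for the requests the post singles out.
DOCTORED = {
    "whoami": DECOY_USER,
    "cat /etc/passwd": "root:*:0:0::/:/bin/sh\nbackup_admin:*:12:12::/usr/backup:/bin/sh",
    "ls /usr/bin": "cat  ls  modem_dialout  payroll_export  who",
}


class DecoySession:
    """Fake shell: records every command and notifies the administrators."""

    def __init__(self, source, alert):
        self.source, self.alert, self.log = source, alert, []
        alert(f"decoy shell opened for {source}")

    def run(self, command):
        command = command.strip()
        self.log.append((time.time(), self.source, command))  # evidence trail
        if not command:
            return ""
        return DOCTORED.get(command, f"{command.split()[0]}: not found")


class LoginGate:
    def __init__(self, accounts, alert, max_bad=MAX_BAD):
        self.accounts = accounts  # {user: password}; plaintext only for this demo
        self.alert, self.max_bad = alert, max_bad
        self.bad = {}             # failed guesses per source (tty, address, ...)

    def attempt(self, source, user, password):
        """Return "real", "denied", or a DecoySession for a flagged source."""
        if self.bad.get(source, 0) >= self.max_bad:
            # Once flagged, a source never reaches a real account, even with
            # a correct guess; this policy is an assumption of the example.
            return DecoySession(source, self.alert)
        stored = self.accounts.get(user)
        if stored is not None and hmac.compare_digest(stored.encode(), password.encode()):
            self.bad.pop(source, None)
            return "real"
        self.bad[source] = self.bad.get(source, 0) + 1
        if self.bad[source] >= self.max_bad:
            return DecoySession(source, self.alert)
        return "denied"
```

Keeping a flagged source in the decoy means a legitimate user who mistypes N times also lands there, so a real deployment needs an out-of-band way to clear the flag.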