Path: utzoo!attcan!uunet!lll-winken!lll-tis!helios.ee.lbl.gov!pasteur!ucbvax!hplabs!sm.unisys.com!csun!polyslo!steve From: steve@polyslo.CalPoly.EDU (Steve DeJarnett) Newsgroups: comp.sys.pyramid Subject: Re: Gratuitous console msgs Message-ID: <3508@polyslo.CalPoly.EDU> Date: 30 Aug 88 21:23:32 GMT References: <20@usl-pc.usl.edu> <3495@polyslo.CalPoly.EDU> <20968@tut.cis.ohio-state.edu> Reply-To: steve@polyslo.UUCP (Steve DeJarnett) Distribution: na Organization: Lab Rat Rumpus Room -- Cal Poly SLO Lines: 49 In article <20968@tut.cis.ohio-state.edu> karl@triceratops.cis.ohio-state.edu (Karl Kleinpaste) writes: >steve@polyslo.calpoly.edu writes: > Another annoying "feature", introduced in OSx4.4 > is the fact that when there are bad login messages, they only > report which tty the bad login occured on, and not what/who it was. > >There is in fact at least one good reason for this. Sometimes people >make a mistake in their login sequence, and inadvertently type their >password at the login: prompt. Not only does it echo on their screen >for all those people looking over their shoulder to read, but if the >`login name' is logged as part of the BADLOGIN or BADREMOTE to the >console, then anyone in the machine room can see your password, too. >We don't own our entire machine room; other departments have equipment >in there, too, and one 98xe is in a semi-public Macintosh lab, guarded >only by the lab monitor on duty. This is a valid point, but, for those of us who do own our machine room, it would be nice to be able to detect bad logins. Even nicer would be something like SunOS where it says something to the effect of: 'Repeated bad logins on tty?? as ' This would eliminate the case where Joe User typed his login and password in at the wrong times and having them show up on the console. This would also cut down on the number of these bad login messages that displace what might be 'real' problem messages on the console. >Personally, I want to be able to configure whether or not the login >name appears in the BAD{LOGIN,REMOTE} messages. Stop hard-coding >these difficult choices. Yes. If we can't have it the way I mentioned above, how about something like this. In a University environment, there are often a number of people who go around trying to get into other people's accounts by trying random passwords. I've been able to warn users in the past due to these messages on the console, but now all I know is that someone out there is trying to break into someones account, but I have no idea whose it is. I suppose I could check the log files (if those are even still maintained properly -- I don't know, as I haven't checked recently), but there should be some way to decide based on your own situation. > >--Karl ------------------------------------------------------------------------------- | Steve DeJarnett | Smart Mailers -> steve@polyslo.CalPoly.EDU | | Computer Systems Lab | Dumb Mailers -> ..!ucbvax!voder!polyslo!steve | | Cal Poly State Univ. |------------------------------------------------| | San Luis Obispo, CA 93407 | BITNET = Because Idiots Type NETwork | -------------------------------------------------------------------------------