> -----Original Message-----
> From: IBM Mainframe Discussion List On Behalf Of Binyamin Dissen
>
> On Mon, 29 Nov 2010 04:39:54 -0600 Brian Westerman
> <brian_wester...@syzygyinc.com> wrote:
>
> :>It's kind of difficult to use a brute force attack when RACF revokes
the ID
> :>after a site specified number of attempts. Assuming the site
doesn't allow
> :>1 or 2 character passwords (you don't do you), even if the site were
to
> :>allow 100 attempts, it's statistically a REALLY long shot to guess
the
> :>password. I would imagine that most sites have 3 or 4 as the number
of
> :>attempts, making the probability for success of a brute force attack
too
> :>remote to consider as they wouldn't even get out of the single
character
> :>attempts.
>
> If you have the offload, you can make as many attempts as you wish.
But the "offload" (did you mean "unload", as produced by IRRDBU00?)
doesn't contain the password....
If you meant "backup", then your point is valid.
-jc-
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html
