On Mon, 5 Jan 2015 09:48:28 -0600, Tony's Basement Computer wrote:

>DoS, revoke all the non-Special and non-Protected users.
>
>-----Original Message-----
>From: Vernooij, CP (ITOPT1) - KLM
>
>What is the point in trying to find a valid userid, if the userid will be
>suspended after trying 3 invalid passwords (in our situation)?
>

And here we have a cultural divide. Open systems folks are quite sensitive to the possibility of enumerating user IDs; less sensitive to exhaustive password search, and feel that revoking a user's ID upon detecting password probing invites that form of DoS. If I hadn't noticed my coworker's ID when I inadvertently typoed it, I'd have unwittingly revoked him with repeated password tries.

One interesting approach in a product (ISTR from Simware?) was to increase the login processing latency after each password rejection. And YA product (ISTR IBM VM/370?) logically locked the terminal on detected probing. This caught me once (wasn't mischief, merely clumsiness). I left my terminal emulator connected to the disabled port, opened a new window, and logged in successfully with the next port in the hunt. YA DoS potential.

It's interesting (if I believe the news reports and Obama) that North Korea was able to hack Sony in retribution. This appears to be not a shotgun blast but a narrowly targeted attack. It could have been any one selected of many victims.

-- gil

----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [email protected] with the message: INFO IBM-MAIN
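
The latency approach mentioned in the message above, sketched as an added example that is not part of the original post or of any product it names. It assumes a hypothetical `LoginThrottle` class, a constructed one-user credential store, and a caller-supplied clock value; delay is tracked per (source, user ID) pair, no ID is ever revoked, and an unknown user ID gets the same answer as a wrong password.

```python
import hashlib
import hmac


def pw_hash(password, salt=b"demo-salt"):
    # Iteration count kept low for the demo; use a much higher one in practice.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 1000)


# Constructed sample credential store: user ID -> password hash.
USERS = {"ibmuser": pw_hash("correct horse")}
DUMMY = pw_hash("no-such-user")  # compared against when the user ID is unknown


class LoginThrottle:
    """Grow the wait after each rejection instead of revoking the user ID."""

    def __init__(self, base=1.0, cap=300.0):
        self.base, self.cap = base, cap
        self.state = {}  # (source, userid) -> (failures, not_before)

    def delay_after(self, failures):
        # Wait after the n-th consecutive rejection: base * 2^(n-1), capped.
        return min(self.cap, self.base * 2 ** (failures - 1))

    def attempt(self, source, userid, password, now):
        key = (source, userid)
        failures, not_before = self.state.get(key, (0, 0.0))
        if now < not_before:
            # Still inside the delay window: the password is not even checked.
            return ("RETRY_LATER", not_before - now)
        # Always do one hash comparison so known and unknown IDs cost the same.
        stored = USERS.get(userid, DUMMY)
        matches = hmac.compare_digest(stored, pw_hash(password))
        if matches and userid in USERS:
            self.state.pop(key, None)  # success clears the failure history
            return ("OK", 0.0)
        failures += 1
        wait = self.delay_after(failures)
        self.state[key] = (failures, now + wait)
        return ("REJECTED", wait)


if __name__ == "__main__":
    t = LoginThrottle()
    for now in (0.0, 1.0, 3.0):
        print(t.attempt("port1", "ibmuser", "wrong", now))
    # A different source with the right password is not held up.
    print(t.attempt("port2", "ibmuser", "correct horse", 3.5))
```

Because the delay is capped and tied to the source as well as the ID, repeated bad guesses from one terminal slow that terminal down without locking the real owner out elsewhere.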
