On Wednesday, November 27, 2002, at 11:37 AM, [EMAIL PROTECTED] wrote:
Well, the entire issue came to light at a site for which I have acted as a network consultant in the past. I setup a Redhat Linux / Samba server for them over 4 years ago, and they have been happily using it ever since. It replaced an NT4 server that they had nothing but grief with. I've been in once or twice over the years to help the local MIS guy at this company do things like OS upgraded to the box.What is your timeframe on this ? Do you need it to work on 2.2.x or later ? It certainly seems something we need to add for 3.0 at least.
Now their corporate headquarters has identified this issue (unlimited login attempts allowed) as the primary violation on a recent security audit of the network in this branch office of the company. I think they have only given the local MIS guy a few days to achieve compliance.
From a personal standpoint, 3.0 is soon enough. For the company involved, I think they may end up switching to plaintext passwords as a temporary solution. I've had a conversation with them today, and it sounds like the local guys are willing to do that for the short-term.....
--
Jim Morris ([EMAIL PROTECTED])
