How about a few additions to Kens additions :)

1.  The number of "qualifying" logon failures should be configurable.
2.  Add a maintenance utility which will allow the system manager to
    . Display the currently "blacklisted" IPs.
    . Add an IP (or IP mask) to the list.  Allow the setting of a
      flag such that this entry will never be "automatically removed".
    . Remove an IP (or IP mask) from the list regardless of the time
      element.
    . Perform the "cleansing" process immediately.
3.  This should apply to all VT logons and not just TELNET.

Regards,
Michael L Gueterman
Easy Does It Technologies
Allaire Alliance Partner
email: [log in to unmask]
http://www.editcorp.com
voice: (888) 858-EDIT -or- (509) 943-5108
fax:   (509) 946-1170
--


> -----Original Message-----
> From: HP-3000 Systems Discussion [mailto:[log in to unmask]]On
> Behalf Of Sletten Kenneth W
> Sent: Wednesday, December 02, 1998 9:16 PM
> To: [log in to unmask]
> Subject: Re: [HP3000-L] HP3000/Internet Security
>
<snip>

> May I suggest one additional refinement:  If and when we can
> get HP to do this, while they are at it allow for a *configurable*
> number of hours between "purge all IP addresses"...  oh, and it
> should be configurable *online*.... If nothing else, remember that
> there are weekends.... might not want the IP reject file to be
> cleaned out while all staff is gone for two or three days.... but 24
> hours would be a good default value....
>
<snip>

> SUMMARY:  I request that Wirt's proposal for an "IP reject file"
> (with my small modification) be added to the SIGMPE enhancement
> list.  The "ability to encrypt MPE logon info" should already be there
> somewhere....
>
> Ken Sletten
>