Subject: | |
From: | |
Reply To: | |
Date: | Wed, 2 Dec 1998 22:23:19 -0800 |
Content-Type: | text/plain |
Parts/Attachments: |
|
|
How about a few additions to Kens additions :)
1. The number of "qualifying" logon failures should be configurable.
2. Add a maintenance utility which will allow the system manager to
. Display the currently "blacklisted" IPs.
. Add an IP (or IP mask) to the list. Allow the setting of a
flag such that this entry will never be "automatically removed".
. Remove an IP (or IP mask) from the list regardless of the time
element.
. Perform the "cleansing" process immediately.
3. This should apply to all VT logons and not just TELNET.
Regards,
Michael L Gueterman
Easy Does It Technologies
Allaire Alliance Partner
email: [log in to unmask]
http://www.editcorp.com
voice: (888) 858-EDIT -or- (509) 943-5108
fax: (509) 946-1170
--
> -----Original Message-----
> From: HP-3000 Systems Discussion [mailto:[log in to unmask]]On
> Behalf Of Sletten Kenneth W
> Sent: Wednesday, December 02, 1998 9:16 PM
> To: [log in to unmask]
> Subject: Re: [HP3000-L] HP3000/Internet Security
>
<snip>
> May I suggest one additional refinement: If and when we can
> get HP to do this, while they are at it allow for a *configurable*
> number of hours between "purge all IP addresses"... oh, and it
> should be configurable *online*.... If nothing else, remember that
> there are weekends.... might not want the IP reject file to be
> cleaned out while all staff is gone for two or three days.... but 24
> hours would be a good default value....
>
<snip>
> SUMMARY: I request that Wirt's proposal for an "IP reject file"
> (with my small modification) be added to the SIGMPE enhancement
> list. The "ability to encrypt MPE logon info" should already be there
> somewhere....
>
> Ken Sletten
>
|
|
|