LISTSERV - HP3000-L Archives

HP3000-L Archives

August 1996, Week 3

HP3000-L@RAVEN.UTC.EDU

	LISTSERV Archives
	HP3000-L Home
	HP3000-L August 1996, Week 3

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Re: Re[2]: disable PARM=-1 signon
From:	Stan Sieler <[log in to unmask]>
Reply To:	Stan Sieler <[log in to unmask]>
Date:	Tue, 20 Aug 1996 18:35:28 -0700
Content-Type:	text/plain
Parts/Attachments:	text/plain (21 lines)

You're still trading an essentially liberty for a temporary security.
 
> logons at all) then allowing anyone to VT or telnet into your system and
> try :HELLO MANAGER.SYS;PARM=-1 until they guess your passwords is a difficult
> tradeoff. Aside from disallowing incoming VT or telnet access to your
> machine at all, there's not much you can do but sit there and watch them...
 
A better answer is non-UDC-based software that would disable logons to
MANAGER.SYS for 5 minutes after 3 unsuccessful attempts or, perhaps,
limit it to ldev 20 and the support modem.  Both could easily
be done with AIF:PE, and may be available from HP (is Security Monitor
on MPE/iX?) or VEsoft.
 
Remember my analogy....you're saying "but, my house is on the main
street, so a lot of people can try to enter it".  When the fire comes,
you'll regret the security bars on the windows.
 
--
Stan Sieler                                          [log in to unmask]
                                     http://www.allegro.com/sieler.html

ATOM RSS1 RSS2

RAVEN.UTC.EDU