Gratuitous console msgs

Steve DeJarnett steve at polyslo.CalPoly.EDU
Wed Aug 31 07:23:32 AEST 1988 

In article <20968 at tut.cis.ohio-state.edu> karl at triceratops.cis.ohio-state.edu (Karl Kleinpaste) writes:
>steve at polyslo.calpoly.edu writes:
>   Another annoying "feature", introduced in OSx4.4
>   is the fact that when there are bad login messages, they only
>   report which tty the bad login occured on, and not what/who it was.
>
>There is in fact at least one good reason for this.  Sometimes people
>make a mistake in their login sequence, and inadvertently type their
>password at the login: prompt.  Not only does it echo on their screen
>for all those people looking over their shoulder to read, but if the
>`login name' is logged as part of the BADLOGIN or BADREMOTE to the
>console, then anyone in the machine room can see your password, too.
>We don't own our entire machine room; other departments have equipment
>in there, too, and one 98xe is in a semi-public Macintosh lab, guarded
>only by the lab monitor on duty.

	This is a valid point, but, for those of us who do own our machine
room, it would be nice to be able to detect bad logins.  Even nicer would be
something like SunOS where it says something to the effect of:

	'Repeated bad logins on tty?? as <whatever>'

	This would eliminate the case where Joe User typed his login and 
password in at the wrong times and having them show up on the console.  This
would also cut down on the number of these bad login messages that displace
what might be 'real' problem messages on the console.

>Personally, I want to be able to configure whether or not the login
>name appears in the BAD{LOGIN,REMOTE} messages.  Stop hard-coding
>these difficult choices.

	Yes.  If we can't have it the way I mentioned above, how about something
like this.  In a University environment, there are often a number of people 
who go around trying to get into other people's accounts by trying random 
passwords.  I've been able to warn users in the past due to these messages on
the console, but now all I know is that someone out there is trying to break
into someones account, but I have no idea whose it is.  I suppose I could check
the log files (if those are even still maintained properly -- I don't know, as
I haven't checked recently), but there should be some way to decide based on
your own situation.

>
>--Karl

-------------------------------------------------------------------------------
| Steve DeJarnett            | Smart Mailers -> steve at polyslo.CalPoly.EDU     |
| Computer Systems Lab       | Dumb Mailers  -> ..!ucbvax!voder!polyslo!steve |
| Cal Poly State Univ.       |------------------------------------------------|
| San Luis Obispo, CA  93407 | BITNET = Because Idiots Type NETwork           |
-------------------------------------------------------------------------------

More information about the Comp.sys.pyramid mailing list