Finding Passwords

Saumen K Dutta skdutta at cs.tamu.edu
Sat Oct 6 03:09:13 AEST 1990


In article <BZS.90Oct5105801 at world.std.com> bzs at world.std.com (Barry Shein) writes:
->
->>Hold on!  Then what point is served?  The "printout" would have to be
->>performed by login itself.  Having a suid program or some similar "external"
->>program would be useless - it could just as easily be called by a spoofer.
->
->You missed my point.
->
-> .........
->If there were a program in your .login or .profile, call it logbad,
->which queried the number of bad attempts and printed something like:
->
->	0 bad logins since last successful on Nov 9, 1965 20:06
->
->you would be able to say "hmm, I just got a login incorrect WHY IS
->THAT COUNT ZERO!!!"
->
->Now, I guess the spoofer could walk over to another terminal and cause
->one bad login to occur. Perhaps a "logbad -l" should be run by hand
->when suspicions arise which would report the exact time and terminal
->each bad login occurred (it would be easy to store such info.)
->

I am wondering what can happen if the trojan program before exiting
or before exec'ing runs a bad login anyway just to make sure that
the user records one bad login. The time will not be much different
for the user to suspect!


--
     _                                   ||Internet: skdutta at cssun.tamu.edu  
    (   /_     _ /   --/-/- _            ||Bitnet : skd8107 at tamvenus.bitnet 
   __)_/(_____(_/_(_/_(_(__(_/_______    ||Uucp : uunet!cssun.tamu.edu!skdutta
                                 ..      ||Yellnet: (409) 846-8803
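
A sketch of the `logbad` report described in the quoted text, as an added example that is not part of the original post or of any real login program. The record format, the sample records and the function names are assumptions constructed for illustration.

```python
from datetime import datetime

# Constructed sample records in an assumed format: "time tty user OK|BAD".
SAMPLE_LOG = """\
1990-10-04T20:06:00 tty03 skd OK
1990-10-05T09:14:10 tty07 skd BAD
1990-10-05T09:15:02 tty07 skd OK
1990-10-05T12:00:00 tty01 bzs BAD
1990-10-05T17:30:21 tty02 skd BAD
1990-10-05T17:30:50 tty02 skd OK
"""

def parse(log):
    """Parse records, skipping malformed lines; return them in time order."""
    recs = []
    for line in log.splitlines():
        parts = line.split()
        if len(parts) != 4 or parts[3] not in ("OK", "BAD"):
            continue
        try:
            recs.append((datetime.fromisoformat(parts[0]), *parts[1:]))
        except ValueError:
            continue
    return sorted(recs)

def bad_since_previous_success(records, user):
    """Failures between the user's previous success and the current login."""
    mine = [r for r in records if r[2] == user]
    ok = [i for i, r in enumerate(mine) if r[3] == "OK"]
    if not ok:                       # never logged in: every record is a failure
        return None, mine
    previous = ok[-2] if len(ok) > 1 else -1
    prev_time = mine[previous][0] if previous >= 0 else None
    return prev_time, mine[previous + 1:ok[-1]]

def logbad(records, user, listing=False):
    """Summary line; with listing=True also the "logbad -l" style detail."""
    prev, bad = bad_since_previous_success(records, user)
    since = prev.strftime("%b %d, %Y %H:%M") if prev else "(none recorded)"
    out = [f"{len(bad)} bad logins since last successful on {since}"]
    if listing:                      # exact time and terminal of each failure
        out += [f"  {t.isoformat()} on {tty}" for t, tty, _, _ in bad]
    return out

if __name__ == "__main__":
    print("\n".join(logbad(parse(SAMPLE_LOG), "skd", listing=True)))
```

The summary line carries only a count, while the listing adds the time and terminal of each failure that the quoted text suggests checking by hand.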



More information about the Comp.unix.internals mailing list