Off Topic Telnet problems
Fairlight
fairlite at fairlite.com
Tue Mar 17 13:55:21 PDT 2009
Y'all catch dis heeyah? Bill Campbell been jivin' 'bout like:
> Is this a SCO OpenServer box?
>
> I seem to remember something where they would disable ports after
> too many failed login attempts or some such, but do not remember
> what the fix was other than one goes into scoadmin to fix it.
That's insane for anything that's not a hardwire device like a serial port.
I could see that case...
But for ttypX, where the lowest non-used port is always tried? There's
either something I'm overlooking (which I can't think for the life of me
of ATM), or it's some of the poorest software engineering I've seen in a
while.
Actually, does OSR5 (or even 6) support anything but DES for passwords?
SHA1, MD5, or BlowFish, maybe? If not, why even bother? The pool for
salts is only 4096 deep with DES, as I remember Bill Vermillion pointing
out on numerous occasions. You don't even need distributed computing to
crack that in a reasonable time, given today's horsepower.
But hey..."Ooh...too many failures. Quick, lock -everyone- out!"
There's a design oxymoron there.
mark->
More information about the Filepro-list
mailing list