Lock User Account in Solaris 2.6 after 3 failed telnet sessions

Lock User Account in Solaris 2.6 after 3 failed telnet sessions

Post by Fran » Sun, 10 Dec 2000 04:58:55



Hi Bill,

You can create /var/adm/loginlog with permissions 0600. If the login failed
it is logged in this file after 'n' wrong user-IDs/passwords (n=5 per
default, you may change this with RETRIES=x in /etc/default/login to x). You
can write a script to parse /var/adm/loginlog. Notice that this behaviour
you try to implement can be used for a DoS attack and is not restricted to
telnet. Your users should use ssh anyway to prevent package sniffer attacks.

Hope this helps.

Frank

 
 
 

1. Lock User Account in Solaris 2.6 after 3 failed telnet sessions

Attacking the problem from the wrong end; instead of
tracking telnets, just disable accounts after x bad
login attempts.  Solaris should be able to do that,
although I don't have a reference handy.

By the way, you *do* realize this kind of policy means
that anyone who knows a username (and usernames, of
course, are not generally secret) can disable that
username, right?  *You* want to explain to the Very
Important User why some joker has disabled his
account every day for the past week?

                      Chris Mattern

2. copied hard drive not booting

3. How do I stop the following from loading at boot?

4. How to end a user's session gracefully (Solaris 2.6/Bourne shell)

5. vxsparecheck vs. vxrelocd

6. Precision: Intermittent telnet active sessions failed from users

7. timeouts...please help.

8. How do you lock user accounts after failed logins

9. Remote Xterm session with solaris 2.6 with a solaris 2.3

10. 2.6 FCS -> 2.6 5/98 upgrade fails because /usr moved to /usr:2.6

11. (Help) FTP fails in Solaris 9 but not in Solaris 2.6

12. compile error under new solaris 2.6 system (new solaris user too)