Lock User Account in Solaris 2.6 after 3 failed telnet sessions

Lock User Account in Solaris 2.6 after 3 failed telnet sessions

Post by Chris Marb » Wed, 27 Dec 2000 13:43:21




>    Is there any low-cost software or script or there that
> will lock the user's password after he/she attempts to log in
> via telnet unsuccessfully for three times ??

You really don't want to do this.  It lets a user lock out any other user
by trying to log in as them.  This could include the root user if you had
your configuration set up terribly.
--

  My opinions are my own and probably don't represent anything anyway.
 
 
 

1. Lock User Account in Solaris 2.6 after 3 failed telnet sessions

Hi Bill,

You can create /var/adm/loginlog with permissions 0600. If the login failed
it is logged in this file after 'n' wrong user-IDs/passwords (n=5 per
default, you may change this with RETRIES=x in /etc/default/login to x). You
can write a script to parse /var/adm/loginlog. Notice that this behaviour
you try to implement can be used for a DoS attack and is not restricted to
telnet. Your users should use ssh anyway to prevent package sniffer attacks.

Hope this helps.

Frank

2. Memory layout problem

3. Another Security Patch -- When will it end????

4. How to end a user's session gracefully (Solaris 2.6/Bourne shell)

5. [Fwd: SCSI w/o BIOS]

6. Precision: Intermittent telnet active sessions failed from users

7. Linux file system support in a RTOS

8. How do you lock user accounts after failed logins

9. Remote Xterm session with solaris 2.6 with a solaris 2.3

10. 2.6 FCS -> 2.6 5/98 upgrade fails because /usr moved to /usr:2.6

11. (Help) FTP fails in Solaris 9 but not in Solaris 2.6

12. compile error under new solaris 2.6 system (new solaris user too)