Bugtraq mailing list archives
Re: Write-only devices (Was read only devices)
From: jrvalverde () samba cnb uam es (J.R.Valverde)
Date: Fri, 28 Jun 1996 10:36:57 WET
> I always wondered why the heck this happens. While knowing what account is being attempted is valuable, why the heck doesn't the code just try and see if pAsSwOrD is a valid account name? If it isn't, don't display it or say "failed login attempt for an undefined system user."
Then you miss some interesting patterns like, e.g., someone mistyping a username or trying for common usernames. I know of many sites that rename 'root' or 'system' to something different, or that do not have a 'postmaster' or... These attacks, especially with default accounts that on some systems still come with default passwords, would be missed. For instance.

Crackers do not use old, well-known techniques. They are constantly devising new methods, and you can't know in advance what these will be, hence you can't easily discard any information in advance either.

jr
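An added example (not part of the original message) of the analysis that stays possible only when unknown usernames are kept in the failed-login record: it separates default-name sweeps, near-miss typos of real accounts, and unexplained strings. The account list, watchlist, record layout and sample entries are all constructed assumptions.

```python
# Assumed local accounts ('sysadm' stands in for a renamed root) and a watchlist
# of default names that do not exist on this host. Both sets are constructed.
VALID_USERS = {"jsmith", "mgarcia", "sysadm", "alee"}
DEFAULT_NAMES = {"root", "system", "postmaster", "guest"}

# Constructed failed-login records: (source, attempted username).
FAILED = [
    ("tty04", "jsmiht"), ("10.0.0.7", "root"), ("10.0.0.7", "system"),
    ("10.0.0.7", "postmaster"), ("10.0.0.7", "guest"),
    ("tty02", "mgarcia"), ("tty02", "pAsSwOrD"),
]

def edit_distance(a, b):
    """Edit distance where swapping two adjacent characters counts as one edit."""
    d = [[0] * (len(b) + 1) for _ in range(len(a) + 1)]
    for i in range(len(a) + 1):
        d[i][0] = i
    for j in range(len(b) + 1):
        d[0][j] = j
    for i in range(1, len(a) + 1):
        for j in range(1, len(b) + 1):
            cost = a[i - 1] != b[j - 1]
            d[i][j] = min(d[i - 1][j] + 1, d[i][j - 1] + 1, d[i - 1][j - 1] + cost)
            if i > 1 and j > 1 and a[i - 1] == b[j - 2] and a[i - 2] == b[j - 1]:
                d[i][j] = min(d[i][j], d[i - 2][j - 2] + 1)
    return d[len(a)][len(b)]

def classify(name):
    """Label one attempted username from a failed login."""
    if name in VALID_USERS:
        return "valid-account"
    if name.lower() in DEFAULT_NAMES:
        return "default-name-probe"
    if any(edit_distance(name.lower(), user) <= 1 for user in VALID_USERS):
        return "likely-typo"
    # Could be a password typed at the login prompt, so the log itself is sensitive.
    return "unknown"

def sweeps(records, threshold=3):
    """Sources that tried at least `threshold` distinct nonexistent default names."""
    probed = {}
    for source, name in records:
        if classify(name) == "default-name-probe":
            probed.setdefault(source, set()).add(name.lower())
    return {s: sorted(n) for s, n in probed.items() if len(n) >= threshold}

if __name__ == "__main__":
    for source, name in FAILED:
        print(source, name, classify(name))
    print("sweeps:", sweeps(FAILED))
```

If undefined usernames were replaced with a generic "undefined system user" entry, every record from 10.0.0.7 would look identical and the sweep would not be distinguishable from a single mistyped login.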