Bugtraq mailing list archives

Re: RH Linux telnet problems

From: jhardin () wolfenet com (John D. Hardin)
Date: Thu, 15 Apr 1999 17:00:10 -0700


On Thu, 15 Apr 1999, Rui Ribeiro wrote:

It should issue a error and not ask for the password, since


Not necessarily. Shortcutting the login process in that manner would
leak security policy information.

If you *always* get "Login" and then "Password", then you cannot
determine whether the failure was due to an invalid account name, a
bad password, or security policy restrictions.

--
 John Hardin KA7OHZ                               jhardin () wolfenet com
 pgpk -a finger://gonzo.wolfenet.com/jhardin    PGP key ID: 0x41EA94F5
 PGP key fingerprint: A3 0C 5B C2 EF 0D 2C E5  E9 BF C8 33 A7 A9 CE 76
-----------------------------------------------------------------------
  If Rupert the Boy Genius manages to get Microsoft TR working, we may
  see "BSOD" move from a term of derision to a physical reality...
  http://www.seattleweekly.com/features/9913/features-barcott.shtml
-----------------------------------------------------------------------
   34 days until Star Wars episode I

Current thread:

Re: RH Linux telnet problems James, Samuel P (Apr 15)
- <Possible follow-ups>
- Re: RH Linux telnet problems Alessandro Rubini (Apr 15)
- Re: RH Linux telnet problems Dalvenjah FoxFire (Apr 15)
- Re: RH Linux telnet problems Jamie Lawrence (Apr 15)
- Re: RH Linux telnet problems John D. Hardin (Apr 15)