[Info-vax] X-terminals again
Bill Gunshannon
billg999 at cs.uofs.edu
Wed Jan 14 21:35:28 EST 2009
In article <005a6985$0$4663$c3e8da3 at news.astraweb.com>,
JF Mezei <jfmezei.spamnot at vaxination.ca> writes:
> Bill Gunshannon wrote:
>
>>> Replace that by "secure login screen" and I'm with you. So, no XDM.
>>
>> If you can't trust your own users, you have more serious problems than
>> you might get from XDM. And you can keep your XDM local eliminating
>> any fears of outsiders getting at it.
>
> With the VMS XDM login screen, purposefully enter a wrong password. Look
> at your audit logs to see if this even was logged.
>
> Purposefully enter 3 or 43 bad passwords, do a SHOW INTRUSION to see if
> this was detected.
>
> They may have added those, but last time I checked, there was none of
> the above.
Read what I said. Limit access to within your own network. If you can not
trust your own employees, you have bigger problems than XDM.
Of course, in this case it turns out to be moot. Based on his latest
explanation it looks like the VMS system is setup to start login screens
specifically on these three X-terminals. Probably still no logging, but
when there are only three places an attacker can use it's going to be
pretty hard to do without getting caught.
bill
--
Bill Gunshannon | de-moc-ra-cy (di mok' ra see) n. Three wolves
billg999 at cs.scranton.edu | and a sheep voting on what's for dinner.
University of Scranton |
Scranton, Pennsylvania | #include <std.disclaimer.h>
More information about the Info-vax
mailing list