[Info-vax] VMS v8.4 disk corruption
Arne Vajhøj
arne at vajhoej.dk
Wed Aug 11 16:38:56 EDT 2010
On 11-08-2010 12:32, VAXman- @SendSpamHere.ORG wrote:
> In article<i3uhle$3ml$1 at pcls6.std.com>, moroney at world.std.spaamtrap.com (Michael Moroney) writes:
>> koehler at eisner.nospam.encompasserve.org (Bob Koehler) writes:
>>
>>> In article<4c61bfa2$0$6090$c3e8da3 at news.astraweb.com>, JF Mezei<jfmezei.spamnot at vaxination.ca> writes:
>>>>
>>>> Personally, I find the ability to see what passwords are being used
>>>> during an attack to be extremely important. Telling whether they are
>>>> using radom/common passwords from a dictionary or whether they are using
>>>> brute force, or whether they seem to have a valid password are all very
>>>> important distinctions.
>>
>>> How do you know what the valid password is for someone else's
>>> account? Or are you the only user on these systems?
>>
>> I've seen things where breakin messages were going to the operator's
>> console with things like this:
>>
>> Breakin attempt for user FOOBAR
>> ....
>> Password: SEXYLADY1
>>
>> Breakin attempt for user FOOBAR
>> ....
>> Password: SEXYLADY2
>>
>> Breakin attempt for user FOOBAR
>> ....
>> Password: SEXYLADY3
>>
>> Breakin attempt for user FOOBAR
>> ....
>> Password:<valid>
>>
>> Breakin attempt for user FOOBAR
>> ....
>> Password: SEXYLADY5
>> ....
>>
>> The actual incorrect passwords are part of the OPCOM message, and a
>> valid password was replaced by the string "<valid>".
>> The login was denied due to breakin evasion already in force.
>> It can be obvious from the pattern what the real password is.
>> Regardless, it's definite that they did enter a valid password.
>>
>> This is how it worked a while ago, I don't know what it does now.
>
> Is this machine on the internet so that I can log in as FOOBAR:SEXYLADY4?
I believe that it is username+password not node+username.
But somehow I assume that the username FOOBAR is a made
up example.
Arne
More information about the Info-vax
mailing list