[Info-vax] VMS v8.4 disk corruption

[Michael Moroney]

=?ISO-8859-1?Q?Arne_Vajh=F8j?= <arne at vajhoej.dk> writes:

>On 11-08-2010 12:32, VAXman- @SendSpamHere.ORG wrote:

>>> I've seen things where breakin messages were going to the operator's
>>> console with things like this:
>>>
>>> Breakin attempt for user FOOBAR
>>> ....
>>> Password: SEXYLADY1
>>>
>>> Breakin attempt for user FOOBAR
>>> ....
>>> Password: SEXYLADY2
>>>
>>> Breakin attempt for user FOOBAR
>>> ....
>>> Password: SEXYLADY3
>>>
>>> Breakin attempt for user FOOBAR
>>> ....
>>> Password:<valid>
>>>
>>> Breakin attempt for user FOOBAR
>>> ....
>>> Password: SEXYLADY5
>>> ....
>>>
>>> The actual incorrect passwords are part of the OPCOM message, and a
>>> valid password was replaced by the string "<valid>".
>>> The login was denied due to breakin evasion already in force.
>>> It can be obvious from the pattern what the real password is.
>>> Regardless, it's definite that they did enter a valid password.
>>>
>>> This is how it worked a while ago, I don't know what it does now.
>>
>> Is this machine on the internet so that I can log in as FOOBAR:SEXYLADY4?

>I believe that it is username+password not node+username.

>But somehow I assume that the username FOOBAR is a made
>up example.

It's a made up example, but I was thinking of a specific case from long
ago.  The paper console from a VAX 780 (told you it was long ago) in a DEC
lab was spitting out paper containing that.  I don't remember the
passwords use other than the user was repeating a group of them, and one
of them was valid, and it was guessable which one.  Whoever was doing it
was apparently unaware of breakin evasion, and IIRC it was legitimate
access attempts, not an actual breakin/hacking attempt.  BTW the real
Username was SYSTEM, not FOOBAR.

I reported what I saw to VMS Engineering saying that this was 
dumb/dangerous since one needed only to be able to see the OPA0: output to
see the passwords, not any access to the machine.