[Info-vax] VMS v8.4 disk corruption

[Paul Sture]

In article <00AA1CD9.BC0FC1BE at SendSpamHere.ORG>,
 VAXman-  @SendSpamHere.ORG wrote:

> In article <i3uhle$3ml$1 at pcls6.std.com>, moroney at world.std.spaamtrap.com 
> (Michael Moroney) writes:
> >koehler at eisner.nospam.encompasserve.org (Bob Koehler) writes:
> >
> >>In article <4c61bfa2$0$6090$c3e8da3 at news.astraweb.com>, JF Mezei 
> >><jfmezei.spamnot at vaxination.ca> writes:
> >>> 
> >>> Personally, I find the ability to see what passwords are being used
> >>> during an attack to be extremely important. Telling whether they are
> >>> using radom/common passwords from a dictionary or whether they are using
> >>> brute force, or whether they seem to have a valid password are all very
> >>> important distinctions.
> >
> >>   How do you know what the valid password is for someone else's
> >>   account?  Or are you the only user on these systems?
> >
> >I've seen things where breakin messages were going to the operator's
> >console with things like this:
> >
> >Breakin attempt for user FOOBAR
> >....
> >Password: SEXYLADY1
> >
> >Breakin attempt for user FOOBAR
> >....
> >Password: SEXYLADY2
> >
> >Breakin attempt for user FOOBAR
> >....
> >Password: SEXYLADY3
> >
> >Breakin attempt for user FOOBAR
> >....
> >Password: <valid>
> >
> >Breakin attempt for user FOOBAR
> >....
> >Password: SEXYLADY5
> >....
> >
> >The actual incorrect passwords are part of the OPCOM message, and a
> >valid password was replaced by the string "<valid>". 
> >The login was denied due to breakin evasion already in force.
> >It can be obvious from the pattern what the real password is.
> >Regardless, it's definite that they did enter a valid password.
> >
> >This is how it worked a while ago, I don't know what it does now.
> 
> Is this machine on the internet so that I can log in as FOOBAR:SEXYLADY4?

Presumably, you will only be able to log in if impersonation services 
have been installed :-)

-- 
Paul Sture