[Info-vax] SSH on VAX - performance impact of break in attempts
glen herrmannsfeldt
gah at ugcs.caltech.edu
Wed Aug 25 16:16:19 EDT 2010
Michael Moroney <moroney at world.std.spaamtrap.com> wrote:
>>VAXman- wrote:
>>(snip)
>>> The 12 character username prohibits the 'administrator' account.
Then I wrote:
>>I thought that was changed a long time ago.
(snip)
>>I believe I was asked if I wanted all 14, but I was too used to
>>the other one by then.
> Doesn't VMS simply ignore all characters after the first 12? I think
> my audit server logs show many breakin attempts against the nonexistent
> ADMINISTRATO account.
It did for early versions, but around 1986 or so it changed.
I was told at the time that it changed to allow longer names,
but at least I know it didn't truncate them.
This is for terminal logins. It might be that sshd or telnetd
truncate, even when terminal logins don't.
-- glen
> (speaking of which, has anyone ever set up a captive ADMINISTRATO or
> ROOT account with an easily-guessable password that simply logs what
> the remote hacker tries to do (or even generate dummy output) just for
> giggles?)
More information about the Info-vax
mailing list