[1326] in linux-security and linux-alert archive
[linux-security] Re: denial of service attack on login
daemon@ATHENA.MIT.EDU (Chris Adams)
Wed Nov 27 04:33:14 1996
From: Chris Adams <cadams@sh1.ro.com>
To: linux-security@redhat.com
Date: Tue, 26 Nov 1996 23:40:33 -0600 (CST)
Cc: johnsonm@redhat.com
In-Reply-To: <199611261549.HAA16832@parc.power.net> from "Andrew G. Morgan" at Nov 26, 96 07:49:33 am
Resent-From: linux-security@redhat.com
Reply-To: linux-security@redhat.com
Once upon a time, Andrew G. Morgan wrote
> The following denial of service attack seems to work quite nicely on my
> ancient Red Hat 3.0.3 system with the standard login application. Perhaps
> this is not a problem with 4.0? Does anyone know about other distributions?
>
> joe$ nvi /var/log/wtmp
>
> [ Now no-one else can log in ]
This doesn't seem to happen on my system - RedHat 3.0.3 + shadow
passwords. My /bin/login comes from shadow-960810-1. Maybe the
shadow passowrd suite doesn't try to lock wtmp?
--
Chris Adams - cadams@ro.com
System Administrator - Renaissance Internet Services