[1331] in linux-security and linux-alert archive
[linux-security] Re: denial of service attack on login
daemon@ATHENA.MIT.EDU (Paul Christenson)
Wed Nov 27 18:06:04 1996
Date: Wed, 27 Nov 1996 08:54:41 -0800 (PST)
From: Paul Christenson <paul@tech.cyclades.com>
To: Linux Security <linux-security@redhat.com>
In-Reply-To: <199611261549.HAA16832@parc.power.net>
Resent-From: linux-security@redhat.com
Reply-To: linux-security@redhat.com
On Tue, 26 Nov 1996, Andrew G. Morgan wrote:
> The following denial of service attack seems to work quite nicely on my
> ancient Red Hat 3.0.3 system with the standard login application. Perhaps
> this is not a problem with 4.0? Does anyone know about other distributions?
>
> joe$ nvi /var/log/wtmp
It locks people out of Debian 1.2 as well.
+----------------------------------------------------+
| Technical Support Engineer, Cyclades Corporation |
| 800/88-CYCLADES (882-9252) or (510)770-9727, x258 |
| High Performance Multiport Serial Cards & Routers |
| Unsolicited mail ads subject to a $25 handling fee |
+----------------------------------------------------+