[1331] in linux-security and linux-alert archive

home help back first fref pref prev next nref lref last post

[linux-security] Re: denial of service attack on login

daemon@ATHENA.MIT.EDU (Paul Christenson)
Wed Nov 27 18:06:04 1996

Date: Wed, 27 Nov 1996 08:54:41 -0800 (PST)
From: Paul Christenson <paul@tech.cyclades.com>
To: Linux Security <linux-security@redhat.com>
In-Reply-To: <199611261549.HAA16832@parc.power.net>
Resent-From: linux-security@redhat.com
Reply-To: linux-security@redhat.com

On Tue, 26 Nov 1996, Andrew G. Morgan wrote:

> The following denial of service attack seems to work quite nicely on my
> ancient Red Hat 3.0.3 system with the standard login application. Perhaps
> this is not a problem with 4.0? Does anyone know about other distributions?
> 
> 	joe$ nvi /var/log/wtmp

It locks people out of Debian 1.2 as well.

         +----------------------------------------------------+ 
         | Technical Support Engineer, Cyclades Corporation   |
         | 800/88-CYCLADES (882-9252) or (510)770-9727, x258  |
         | High Performance Multiport Serial Cards & Routers  |
         | Unsolicited mail ads subject to a $25 handling fee |
         +----------------------------------------------------+


home help back first fref pref prev next nref lref last post